GeneralInformation

Hostnames	online-prod.ipsfailover.com 2xx.sddan.com
Domains	ipsfailover.com sddan.com
Country	France
City	Paris
Organization	Scaleway
ISP	SCALEWAY S.A.S.
ASN	AS12876

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

-1427803479 | 2024-04-22T23:49:42.504492

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Mon, 22 Apr 2024 23:49:41 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://js.sddan.com/

-1634238832 | 2024-04-23T00:21:18.739148

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 23 Apr 2024 00:21:18 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c2:ab:72:6f:b7:25:b7:e7:7e:cd:d7:8b:65:46:ee:a5:01
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 10 10:25:28 2024 GMT
            Not After : Jun  8 10:25:27 2024 GMT
        Subject: CN=2xx.sddan.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:06:ff:20:42:66:a4:98:a9:59:2d:d2:53:3e:
                    95:a2:84:aa:81:d4:a2:dd:04:55:16:d0:23:af:a7:
                    d0:23:90:c7:28:00:fc:90:ce:f1:88:01:1f:03:a9:
                    f5:82:fb:12:7b:b0:64:6e:88:3e:f0:4b:05:0a:e7:
                    47:88:00:2d:2b:ea:21:ca:eb:30:85:95:86:7b:ff:
                    84:23:1f:4b:29:59:1d:d3:0a:01:6e:48:31:1e:50:
                    31:3f:66:ac:03:98:93:b6:c5:76:24:0f:3f:31:bc:
                    8c:5d:a2:c5:37:01:42:af:67:97:ae:1f:d3:aa:8e:
                    ac:1c:65:6e:e7:96:2f:b9:d4:96:7d:81:f9:c2:fb:
                    a8:1e:7c:79:05:18:fb:a9:3f:42:ac:55:d9:f5:48:
                    62:d2:be:d4:ee:c4:52:8f:e0:9f:d9:00:89:13:ca:
                    75:43:7d:e9:af:99:2e:63:b1:c2:a6:ba:fe:e8:c8:
                    08:75:5a:0a:78:6f:93:f1:e3:db:df:9b:f2:12:23:
                    d7:31:34:40:e8:93:c3:28:69:4b:39:7f:ae:db:2e:
                    4a:ac:3e:af:8c:94:fa:e8:b6:3e:7d:5a:13:80:eb:
                    69:e7:c4:fc:41:62:42:88:d5:3c:f4:0e:75:c3:f9:
                    72:b6:c6:92:58:be:28:0f:01:9f:5b:3c:7d:a4:68:
                    82:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                49:1C:39:9B:BC:95:58:F2:51:89:34:0E:7B:DD:61:20:BC:42:0F:4F
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:2xx.sddan.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 10 11:25:28.714 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EB:70:1A:F6:2B:16:DD:93:A3:65:7B:
                                9B:58:E2:8D:39:55:97:E5:10:2D:D1:31:77:1B:7C:12:
                                27:3D:FD:45:8B:02:21:00:B5:33:2E:5F:7E:99:AB:AF:
                                FA:EB:DE:8B:19:F5:B7:92:23:76:C7:9F:02:B1:68:6B:
                                B9:85:5C:1D:50:ED:23:67
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 10 11:25:28.717 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:58:E6:A6:CD:47:E2:13:21:69:AE:D2:DF:
                                36:1E:EE:6D:7D:B1:94:65:F3:68:D8:1F:E6:16:72:F5:
                                5D:35:5E:95:02:20:46:1F:CA:AA:CD:DF:44:69:A3:CC:
                                1C:81:F3:E5:EA:15:5F:0F:A9:07:3F:98:29:68:4A:09:
                                AF:E0:55:17:D8:8E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        62:91:39:ad:ed:16:1f:5a:d8:03:a7:18:53:d2:1c:86:32:80:
        c2:b4:83:d8:9d:39:2c:1c:31:d8:21:3a:f4:51:15:c6:f4:97:
        8e:8b:1b:65:42:17:65:10:01:32:fe:5f:f7:fd:c3:97:87:47:
        dd:7d:8c:03:47:c3:ba:d1:77:f8:15:7e:e1:ee:9b:94:9f:11:
        71:15:25:0b:40:a9:75:25:2b:5a:da:ac:36:b5:4b:8e:5d:de:
        8e:dc:a9:76:e4:25:dd:5f:08:3c:95:b9:27:e0:65:50:2b:e0:
        6e:78:ca:49:3b:fb:0a:16:b4:c7:63:12:54:1d:2c:42:e0:6f:
        4b:36:fd:11:ca:e2:dd:45:24:ff:f8:44:13:ae:a1:a4:3b:18:
        7f:28:f3:9d:6a:c0:55:ba:d1:44:8b:5c:6b:76:24:ea:58:5a:
        24:3c:46:d5:11:16:cb:d7:44:53:f2:d2:b5:51:cf:ed:f6:b0:
        e6:cf:89:e7:ab:9d:fb:21:4c:ea:cc:0f:53:48:c7:42:6a:87:
        b8:65:05:f5:e7:32:bc:48:5a:f7:24:b8:42:42:e7:3a:69:5f:
        56:09:d4:1a:a3:42:a8:4c:84:ca:88:7b:8c:76:4a:c5:0a:bc:
        7a:ab:f0:11:cb:58:2e:08:9c:dc:72:d0:2d:33:59:a8:f7:68:
        da:d7:7b:c8

51.158.28.83

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1427803479 | 2024-04-22T23:49:42.504492
80 / tcp

nginx1.20.2

-1634238832 | 2024-04-23T00:21:18.739148
443 / tcp

nginx1.20.2

Products

Pricing

Contact Us

51.158.28.83

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1427803479 | 2024-04-22T23:49:42.504492 80 / tcp

nginx1.20.2

-1634238832 | 2024-04-23T00:21:18.739148 443 / tcp

nginx1.20.2

Products

Pricing

Contact Us

-1427803479 | 2024-04-22T23:49:42.504492
80 / tcp

-1634238832 | 2024-04-23T00:21:18.739148
443 / tcp