GeneralInformation

Hostnames	dashboard.epegroep.nl wormr138145.vds
Domains	epegroep.nl vds.
Country	Bulgaria
City	Sofia
Organization	Friendhosting LTD
ISP	ITL LLC
ASN	AS59729

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

443 3333

-1776590157 | 2024-04-05T19:16:44.385386

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 05 Apr 2024 19:16:44 GMT
Content-Type: text/html
Content-Length: 1344
Last-Modified: Wed, 01 Dec 2021 06:59:39 GMT
Connection: keep-alive
ETag: "61a71d5b-540"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:75:a3:f9:ba:ba:07:59:f0:ba:74:e3:96:a9:01:19:09:69
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 23 00:15:10 2024 GMT
            Not After : Jun 21 00:15:09 2024 GMT
        Subject: CN=dashboard.epegroep.nl
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:ca:84:9d:39:2e:d0:8c:1e:4c:a8:f8:e4:5d:32:
                    98:0e:30:96:4d:55:ee:b9:9f:3c:31:54:7d:17:1a:
                    86:7a:21:9c:0a:f4:ae:bc:e7:a4:35:c1:29:bd:99:
                    93:8b:2f:3d:56:22:81:ae:86:66:21:17:6e:5a:17:
                    c4:95:2c:f8:8a:8e:e4:1c:e4:38:72:9a:a3:23:53:
                    03:b9:14:1b:63:74:ff:63:c5:a1:75:aa:7c:6d:a8:
                    df:83:f1:dd:50:22:25:d5:87:65:0f:8a:f9:83:5b:
                    13:ba:0a:94:d1:d6:7d:66:ae:9b:ed:d9:10:8f:fe:
                    5f:60:84:75:32:03:4d:08:7d:4c:1a:b9:f7:99:25:
                    43:e4:2c:81:fe:1c:d4:c7:fe:e7:13:e8:cd:97:d6:
                    9a:3b:19:b5:49:00:2a:b3:86:59:62:5d:41:ea:f7:
                    29:3a:1f:53:c1:43:d1:fe:10:ef:71:9f:00:69:a0:
                    7a:80:71:2f:81:f2:c5:21:17:0e:7d:3a:6a:42:d6:
                    36:86:1a:5b:0b:f6:f5:fd:55:ca:13:ff:d7:f7:5d:
                    93:5c:db:3e:8a:a6:aa:f1:4e:af:36:40:54:df:40:
                    57:de:21:29:48:35:4b:d7:a2:2c:2c:9d:a1:1e:ee:
                    e7:dd:4d:cf:34:fa:1c:8c:39:f1:e9:63:20:46:3a:
                    b8:0f:27:8b:8d:47:d9:24:67:a3:b3:c0:ce:3f:c3:
                    36:0b:1c:06:f7:35:72:90:84:b5:71:d3:b1:8d:61:
                    81:51:a1:3e:8c:ee:12:af:5d:d8:b7:af:68:43:b1:
                    4f:c9:af:53:8d:82:54:b0:20:f6:8f:aa:7b:32:43:
                    87:73:de:5b:f0:45:bf:81:8d:6f:33:ee:17:57:01:
                    84:43:37:0b:20:61:41:86:21:65:65:35:49:c3:a1:
                    7d:9b:17:1b:6d:ae:1f:ff:4d:f1:9b:7c:ea:36:7f:
                    3e:2e:22:89:a1:44:67:4a:82:09:41:f0:39:55:2b:
                    1b:70:37:d4:c6:ae:7c:67:9e:ef:0f:b4:20:5e:90:
                    3e:5e:88:61:4a:d4:2f:3b:1a:7b:a3:24:6f:9b:1b:
                    0a:a3:20:3e:38:64:5f:48:b3:24:a8:4b:47:e7:56:
                    fc:49:57:ee:e3:8c:e2:6b:8b:c4:8b:0f:d1:95:c6:
                    ae:60:3b:11:92:1a:a9:69:8e:38:18:8e:aa:8c:c2:
                    5b:08:4a:62:4a:b1:5c:30:ba:07:e5:b5:ee:69:19:
                    72:e7:47:f8:43:95:8a:2c:7e:2e:35:c4:2f:ea:bb:
                    0b:ad:38:64:91:e0:54:20:9b:eb:f3:3c:d0:02:28:
                    03:43:97:f3:fb:fa:b8:cd:72:af:98:80:ee:39:7a:
                    7a:66:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E2:47:2E:3C:E1:C8:EA:61:79:B8:81:96:EF:6E:D9:9E:7D:63:DA:55
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:dashboard.epegroep.nl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 23 01:15:11.096 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AC:03:5B:6C:77:26:1E:34:50:01:41:
                                A1:DC:CE:ED:58:DF:5B:27:54:C6:8F:BD:8D:B9:92:CB:
                                D0:9D:EE:6E:CA:02:21:00:99:F5:F0:EE:5E:B1:DF:BB:
                                18:0E:C9:47:06:4F:8D:C3:D7:18:3F:95:FE:03:4E:10:
                                A7:24:C5:DB:AB:6C:43:15
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 23 01:15:13.079 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AC:5D:A5:4B:AC:D4:9F:7D:2A:16:37:
                                C0:40:76:35:97:DC:3E:7A:AF:B0:80:B6:8C:95:2B:F0:
                                60:CE:12:4E:FC:02:20:37:9D:DB:EF:98:64:03:C3:B5:
                                1A:39:64:95:51:6D:1B:C6:E8:55:2E:CD:B0:04:8F:AA:
                                02:96:85:91:0F:A5:8E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        af:03:64:5e:d0:b9:c2:28:c4:43:bb:fc:d9:50:25:93:85:72:
        fc:39:11:de:fd:8c:9f:56:9d:3b:df:66:84:a5:a9:8d:4f:6f:
        9d:70:99:42:8f:06:9e:0e:52:51:1a:1f:3b:2f:9b:33:eb:a7:
        21:9f:24:77:f7:4c:e9:54:82:54:a4:7c:1b:ab:ec:82:38:14:
        a5:03:08:20:06:b6:b1:29:77:f9:07:2e:88:65:84:3c:f1:01:
        71:32:42:9e:80:c0:a6:08:72:81:66:9f:d0:b1:55:85:cf:0e:
        cd:60:95:8b:5b:91:65:d3:3b:65:fe:aa:f2:d9:b3:12:0f:63:
        49:a9:cb:a2:75:cb:dc:f3:82:17:6b:b4:19:f6:57:1c:06:73:
        43:b0:28:fc:f2:62:ef:81:79:ac:3b:32:a9:a7:d9:dc:06:e5:
        5a:0a:4e:0a:dc:33:b6:36:40:ab:02:48:23:c1:b2:e0:16:16:
        7c:90:60:95:63:98:67:8f:b9:32:2d:08:19:2a:9b:1f:c7:cc:
        d7:04:48:96:4e:02:93:6f:f3:22:63:96:77:f8:72:91:5d:56:
        43:db:3f:49:50:6f:29:12:76:da:e5:eb:b6:ac:cd:b3:a6:dc:
        94:9b:01:b9:03:d0:cc:8a:d5:23:79:8b:cc:eb:6a:61:b9:6a:
        40:62:17:80

-1883194307 | 2024-04-09T07:51:14.846410

3333 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCjbBNsALygnspD7wBXABNcDK2r9P5AIw2GX9QO9inPkzIt
cNIHZkjmjJc1KjMI5+CTB/9WckfXCtJFLmvpfT5Uh3dbbNEayj7l4n9SUKI/FlsSK1WBZGU7vDPs
x+vJacz6mH2GP3mPCm5zDkq5uTTce/5yeTB3AFs9W+dHlSTwafyq7tLXuO3+gk/I29U7vCoK8OZq
sUE+zx7E+EBjuFXPXGUjhlGVQXJc2v21pkQZsAzs2nNOpd8rLSDVanhGComoMA9yH5e3eHcrfdu8
p6e9141Mpo3Jos8shV7VdvR1QJ0vJOFSepjRgrro2hOrRrXdPOnsIiuP4De3FgFsMkIV81YpbVpF
EOQIK4b4ZpTZsoEwUUaqz76t9183Q1xD2g6lvC9MsebMp8QmXw/ev0Ts4E7uhcaj5kKBFqL21A/f
YyrRlEXBNepZ3+VMpxAq0KdLeMYhUVHA4NiXxjFFz0Z61JCSytitOPxAGxbu+jDKhnFRsvaUIN5b
7qzwMGQl36E=
Fingerprint: e0:f0:b4:aa:51:45:db:a2:66:ed:87:85:1d:87:48:53

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

91.215.152.128

Last Seen: 2024-04-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1776590157 | 2024-04-05T19:16:44.385386
443 / tcp

nginx1.18.0

-1883194307 | 2024-04-09T07:51:14.846410
3333 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

Products

Pricing

Contact Us

91.215.152.128

Last Seen: 2024-04-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1776590157 | 2024-04-05T19:16:44.385386 443 / tcp

nginx1.18.0

-1883194307 | 2024-04-09T07:51:14.846410 3333 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

Products

Pricing

Contact Us

-1776590157 | 2024-04-05T19:16:44.385386
443 / tcp

-1883194307 | 2024-04-09T07:51:14.846410
3333 / tcp