GeneralInformation

Hostnames	infodev.com.np chatbot.infodev.com.np
Domains	infodev.com.np
Country	Nepal
City	Kathmandu
Organization	Info Developers Pvt. Ltd.
ISP	Info Developers Pvt. Ltd.
ASN	AS136047
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 8008

677579724 | 2024-04-14T06:26:45.646586

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 14 Apr 2024 06:26:45 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

-1107508585 | 2024-04-15T17:53:53.228609

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 15 Apr 2024 17:53:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: filename
Access-Control-Allow-Credentials: true

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:f0:61:1e:a1:f3:7d:eb:25:74:9d:06:4c:97:33:72:75:6d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 28 22:45:56 2024 GMT
            Not After : May 28 22:45:55 2024 GMT
        Subject: CN=chatbot.infodev.com.np
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:05:2f:14:4a:9b:97:c1:b2:7e:e7:51:92:1f:
                    bc:a7:bc:74:c9:37:88:c9:29:51:a8:3b:b1:a3:1f:
                    66:56:64:ec:7f:80:68:37:44:84:b0:82:97:58:28:
                    92:78:b6:56:34:f8:50:80:5b:6b:3a:9b:c9:03:b4:
                    42:e7:32:7b:b3:42:9a:3e:5f:4b:e7:71:71:81:9a:
                    a8:ef:0a:c5:1e:27:74:6d:a7:21:ed:fa:76:33:bd:
                    e1:b7:1d:b5:b3:ad:8c:47:ad:51:fc:20:a9:04:e4:
                    be:bf:b3:09:96:22:3a:a0:83:87:91:69:dd:d3:df:
                    db:a3:fc:bc:95:fb:3e:ed:0f:f3:32:31:01:e1:a7:
                    c9:3c:77:ea:50:d3:f6:ab:d5:8e:d4:68:2d:f4:57:
                    02:fd:ff:38:18:26:70:72:8b:d0:07:14:f9:ff:5c:
                    c3:29:89:e7:7d:e3:7d:99:55:22:a1:34:d6:30:e0:
                    d7:3a:fe:c0:53:b3:8b:44:03:a8:e2:d9:e3:4c:89:
                    36:d3:84:f3:ab:3e:21:ab:29:c6:f6:21:cb:a6:ae:
                    4e:1d:c5:6e:d9:10:56:77:85:62:25:57:59:7b:19:
                    4f:48:0e:60:ba:0b:81:27:e4:12:61:3a:05:27:4a:
                    dc:7b:6a:f8:b2:af:ff:88:a0:3b:a0:11:7c:a2:77:
                    ba:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                45:A5:29:A7:2C:66:17:6D:09:EA:93:37:87:6C:C9:B8:03:0C:1D:BC
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:chatbot.infodev.com.np
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 28 23:45:56.925 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F7:55:A3:26:A8:2A:F2:B3:E4:6A:98:
                                0E:30:77:74:7A:C2:9B:6F:4C:A4:3D:20:62:EA:3B:55:
                                EA:51:8A:4B:C9:02:20:6C:6B:28:AA:EE:89:3A:F3:4F:
                                E0:86:B7:94:B8:3C:0D:E3:B7:F9:14:1F:1B:1A:6E:03:
                                F1:54:38:C5:60:26:2D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 28 23:45:56.923 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:78:33:A1:F8:FB:70:A8:3A:2D:54:7F:FD:
                                3C:D1:BB:F2:E3:A7:B9:68:ED:8D:3C:41:67:90:F6:AD:
                                76:68:33:2D:02:20:67:79:F8:19:04:0F:8C:00:1A:C4:
                                3C:CF:70:63:7A:F6:4B:AF:7D:51:21:24:97:D7:9F:0A:
                                9F:53:6A:80:1D:4B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        83:7e:24:bc:10:e5:b2:ab:24:ac:2e:ca:3d:4c:19:a1:45:ce:
        be:a2:83:1a:53:24:0d:db:9a:15:60:1f:bf:8c:e6:94:2a:cf:
        b7:e2:f2:08:e8:d4:2b:3c:be:3e:ba:4d:27:7f:de:40:34:1c:
        4c:f9:e2:93:39:1c:4b:a3:7d:b8:0f:a1:96:0b:dd:f0:eb:aa:
        09:1c:23:f9:77:76:36:07:4c:df:95:12:22:0e:a8:7f:ad:b5:
        a0:b9:56:c5:9e:67:67:bc:f4:c7:05:7b:56:9f:63:ba:a3:67:
        a2:1a:fc:63:f4:37:1d:7b:47:1e:b1:52:31:42:57:22:b7:07:
        ae:98:3c:d4:c6:20:b4:3a:76:75:5e:cc:fb:6b:62:e9:8f:52:
        25:e2:29:d3:a4:7a:c0:79:ea:1c:50:14:1b:e5:be:b7:ab:57:
        81:f4:e6:a4:0a:0d:b6:b1:f7:8f:60:d0:2c:2e:a0:9d:f6:f6:
        b7:e5:5d:41:85:36:66:d7:5f:e2:94:e6:a3:6e:38:ed:bb:7d:
        24:58:9a:f3:58:da:03:e0:01:ad:7b:6c:94:40:94:09:bb:e9:
        3d:13:d4:3e:3b:0f:36:a6:eb:f4:9f:5b:04:c0:56:d2:6f:3b:
        ac:17:a4:2d:32:80:f9:d5:0d:68:ec:25:a8:6e:af:f8:25:ad:
        67:ae:17:50

-900538529 | 2024-04-13T13:21:06.754831

8008 / tcp

HTTP/1.1 302 Found
Location: https://103.109.228.20:8015/
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'

103.109.228.20

Last Seen: 2024-04-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-04-14T06:26:45.646586
80 / tcp

nginx1.18.0

-1107508585 | 2024-04-15T17:53:53.228609
443 / tcp

nginx1.18.0

-900538529 | 2024-04-13T13:21:06.754831
8008 / tcp

Products

Pricing

Contact Us

103.109.228.20

Last Seen: 2024-04-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-04-14T06:26:45.646586 80 / tcp

nginx1.18.0

-1107508585 | 2024-04-15T17:53:53.228609 443 / tcp

nginx1.18.0

-900538529 | 2024-04-13T13:21:06.754831 8008 / tcp

Products

Pricing

Contact Us

677579724 | 2024-04-14T06:26:45.646586
80 / tcp

-1107508585 | 2024-04-15T17:53:53.228609
443 / tcp

-900538529 | 2024-04-13T13:21:06.754831
8008 / tcp