GeneralInformation

Hostnames	maxwellhardwoodflooring.com admin.maxwellhardwoodflooring.com www.maxwellhardwoodflooring.com
Domains	maxwellhardwoodflooring.com
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

CDN

jQuery CDN

JavaScript libraries

jQuery3.4.1

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-23064	6.1Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

OpenPorts

22 80 443 1337

-780352691 | 2024-04-17T05:14:41.036176

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDIiEHtuHPuNuCKB6Ti7OTGEgVLKLaCP6qnl7b/xCThUSww
EoCvej272c/BrLMwlWVuNgJnN7/WRYDP+b2KH3EfeOLl3G+E4f+DHafrpnQBxrVjuxcCOP8L+Nk4
l/7IV9A/36qC6ahanaipfVtcJ+Z2IsqwPZmVjS8dqo9yJHMD6xbLqYnxJlih8LtYY+5tf/BSFHFr
tnpDBTWIEYEUQxKxdH9lTc86Rtfmg0wEMn73NcuG1YndcuFAxKdwshcuukv6szzV//rwKcLsOw7I
Cbqb5gRSq7mM4SDJ9w8CX/YQIZ5MEreDXxNU8qUPtQqGlDUBhLgtQKIAJSThGroNnncMg6d8xP7r
CuwdoAnfOkz8Y/qQ+ibhu5bcIwAAEvlNFsgqhdTTki2bFZyTzKz/B0S2BdgogT9rKxDkqOTrtEKt
pmnLAdsUE49YITUotTPkZ9SO9OsJ1sFEIoRYEfUpfamkPWZH+A3LrNARoYT1JfUQVDpcDEF8Jk4D
SbnTpXYftE8=
Fingerprint: cc:6c:8f:f7:f8:7e:b5:96:88:a3:5a:46:8e:66:0f:57

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-04-14T21:13:35.463993

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 14 Apr 2024 21:13:35 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

1155045790 | 2024-04-16T21:50:54.612633

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 21:50:53 GMT
Content-Type: text/html
Content-Length: 3867
Last-Modified: Fri, 29 Jan 2021 16:02:43 GMT
Connection: keep-alive
ETag: "601431a3-f1b"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:fe:33:4e:bb:13:99:c3:28:4a:87:4e:c5:07:40:6a:e5:b2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 28 23:44:49 2024 GMT
            Not After : Jun 26 23:44:48 2024 GMT
        Subject: CN=admin.maxwellhardwoodflooring.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:df:1c:76:27:66:54:25:b7:4a:ee:dd:7f:23:34:
                    6d:aa:c1:d1:6a:be:29:5e:c9:57:74:0b:ca:ef:58:
                    64:7b:b5:42:1a:60:88:01:0e:e2:98:f9:e5:68:1f:
                    aa:91:d4:7d:99:a0:ad:04:d9:5a:91:b8:a9:9f:96:
                    fb:bf:6f:3d:45:3f:2e:01:09:8b:e4:1d:cd:ea:4b:
                    83:b6:30:8e:be:66:af:f6:a1:31:8d:5e:13:e9:2b:
                    1d:cc:a0:8a:3b:88:5d:87:8d:3d:96:71:60:ce:83:
                    5f:86:f2:27:ae:6c:ee:09:a3:2e:d9:64:80:37:1a:
                    83:f0:cd:52:64:1b:89:a9:27:d3:e1:6d:b9:60:86:
                    8d:22:59:a1:bb:27:7c:46:53:78:00:e2:1d:b1:2e:
                    4e:64:bc:35:46:12:46:8e:07:ce:7b:8c:20:0e:23:
                    14:ae:6e:1b:24:61:ba:b3:f1:8a:02:64:0c:9d:3b:
                    a8:03:4b:00:b6:76:5a:93:4d:b0:4e:bd:cb:b7:d8:
                    e8:a1:3b:9f:4c:6d:2c:91:0b:94:e6:28:e9:25:58:
                    1b:d1:c8:9f:ee:e1:7f:75:d9:d9:e2:1f:fd:5c:c5:
                    d6:97:ad:95:d6:88:18:c9:7f:15:da:f6:e3:26:86:
                    4a:71:18:8d:b4:85:1d:3d:59:02:d4:5a:76:c8:7f:
                    73:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                0D:6D:96:60:A6:6F:52:0D:43:4E:50:B2:A5:AC:6D:9A:98:3F:02:F6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:admin.maxwellhardwoodflooring.com, DNS:maxwellhardwoodflooring.com, DNS:www.maxwellhardwoodflooring.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 29 00:44:49.989 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C5:A1:DA:20:D9:26:3F:A7:27:F2:83:
                                A6:45:82:A4:6A:2C:C7:6F:B6:FC:67:85:61:DC:79:08:
                                4A:BC:FF:34:E5:02:20:72:F5:DA:7A:13:74:4E:E0:21:
                                32:33:A5:4B:75:77:6D:1B:91:CA:B6:06:63:3E:91:82:
                                34:7E:4D:28:0A:A4:20
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 29 00:44:50.002 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:71:BD:22:59:E4:01:20:67:89:E4:47:27:
                                4F:32:9D:D8:50:0D:0B:3B:59:6C:F5:08:47:41:49:6B:
                                65:67:83:94:02:20:0C:F8:69:88:B7:E1:4D:85:FC:20:
                                8A:FD:04:0B:DD:53:E3:35:15:46:B7:9F:04:87:1B:EE:
                                7B:65:3D:24:05:8B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        60:0a:f0:5f:c1:6f:bc:af:f5:7c:44:ab:11:fe:c4:e9:6a:1b:
        40:3a:23:be:a4:71:c4:4e:01:c4:f7:a1:64:fb:7c:37:6a:ee:
        dc:17:e5:a8:94:e1:0e:c1:f3:7e:b5:f6:c0:9f:5d:8b:12:da:
        75:79:39:c9:ae:42:ab:db:87:4c:8b:75:28:c3:cf:4e:3d:5c:
        fc:78:a4:2c:52:b5:57:9b:27:61:5f:fa:85:1a:d6:58:6e:09:
        d2:da:78:c3:cb:ac:a8:ba:e7:c4:52:58:f5:c5:90:f9:39:09:
        3c:c1:17:18:05:be:cc:4c:a8:8e:5d:a2:6b:ea:a6:d5:d6:be:
        4d:13:62:ac:0b:ca:51:50:9c:17:4e:2b:9c:b4:8a:65:39:bb:
        b5:6e:e8:46:d1:02:bf:5b:ea:46:b3:d0:cf:7b:b9:68:13:36:
        96:57:33:6b:d7:3a:18:0e:98:29:39:df:96:8f:cf:a0:78:fa:
        84:fd:9f:49:ab:6f:b0:62:3a:6c:b6:f6:85:b2:ff:e1:e9:81:
        f9:12:38:ea:81:8a:a7:bf:c3:3d:a2:ff:5e:40:17:9f:17:a8:
        3c:97:6a:4f:25:fd:82:57:c8:a3:26:97:8f:fc:27:4f:2d:52:
        fa:80:2b:dd:79:18:9b:f4:4f:06:5d:73:b6:8e:36:de:38:e3:
        6f:52:1f:d5

-1591670998 | 2024-04-12T10:35:32.982024

1337 / tcp

HTTP/1.1 200 OK
Vary: Origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
X-Powered-By: Strapi <strapi.io>
X-Response-Time: 10ms
Date: Fri, 12 Apr 2024 10:35:32 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

cce
<!doctype html>
<html>
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <title>Welcome to your Strapi app</title>
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" />
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" />
    <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" />
    <style>
      *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}}
    </style>
  </head>
  <body lang="en">
    <section class="wrapper">
      <h1><img class="logo" src="https://admin.maxwellhardwoodflooring.com/assets/images/logo_login.png" /></h1>
      
        <div class="informations">
          <div>
            <span class="environment">production</span>
            <p>The server is running successfully.</p>
          </div>
          <div class="text-align-right">
            <p>Fri, 12 Apr 2024 10:35:32 GMT</p>
          </div>
        </div>
      
    </section>

    
  </body>
</html>

0

134.122.116.16

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-780352691 | 2024-04-17T05:14:41.036176
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-04-14T21:13:35.463993
80 / tcp

nginx1.18.0

1155045790 | 2024-04-16T21:50:54.612633
443 / tcp

nginx1.18.0

-1591670998 | 2024-04-12T10:35:32.982024
1337 / tcp

Products

Pricing

Contact Us

134.122.116.16

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-780352691 | 2024-04-17T05:14:41.036176 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-04-14T21:13:35.463993 80 / tcp

nginx1.18.0

1155045790 | 2024-04-16T21:50:54.612633 443 / tcp

nginx1.18.0

-1591670998 | 2024-04-12T10:35:32.982024 1337 / tcp

Products

Pricing

Contact Us

-780352691 | 2024-04-17T05:14:41.036176
22 / tcp

677579724 | 2024-04-14T21:13:35.463993
80 / tcp

1155045790 | 2024-04-16T21:50:54.612633
443 / tcp

-1591670998 | 2024-04-12T10:35:32.982024
1337 / tcp