GeneralInformation

Hostnames	api.vdash.com.br
Domains	vdash.com.br
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

-384950317 | 2024-04-03T07:02:02.737757

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDGkX0M8Xme6a6f8TKWuIRRQSmVFtZlDtaGMyqWAw3ebe6x
2/IQ2WaLd0e/fghueyRasFGex03enufdy+pFEcZorTlLATAVr0vZZmY9VIdYqG7+I2GDmqWcrqIC
tQvgLLSZoPqjvTRBYR0XE/h0sdc3PceT+gLdOkrLUqlmYDn7S7KzkycR0XB4Ve7lMDbAQcqgLKZn
+tLI8dyNmYfzGzUCEYZ27WmvRvJyj/akxa+fuxFVafWepOlGOl/WNyCa65Htxiaj0B6Dk2aO3HyE
ortu2A3o0RxYRTOJNPwOdHISRvK8E8ChZXS2IqKQPSRA/pkX65n3VDi6we6iA5OxrtHe9oc+6PSB
TcZEdhs9lX7qqru8WVU+vaICOoWBkO6FNZmMpbxSzXeJsmQT9fm+EJPuGtjQscKnMyQ4mrMVLx9i
uPhw0vWdt3eMEs8F5Hqg+wDWAHSl7jjmZYvm52zMNIY6U331PuDrLSuB3kcFL5fEvMMzNmnNLgZ+
2+ON2g4yih0=
Fingerprint: 0c:a0:92:76:4e:c9:3d:31:d0:28:7a:58:59:b6:db:0f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-04-11T21:11:40.314090

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Thu, 11 Apr 2024 21:11:40 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://134.209.221.93/

1584412971 | 2024-04-11T21:11:45.386530

443 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Thu, 11 Apr 2024 21:11:44 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://api.vdash.com.br/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:36:b9:16:3a:d4:5a:97:66:0a:cc:84:43:98:76:98:cf:dd
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb  9 11:58:07 2024 GMT
            Not After : May  9 11:58:06 2024 GMT
        Subject: CN=api.vdash.com.br
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:5b:0e:8c:25:60:e6:90:c3:f2:f3:d2:17:d7:a2:
                    ac:2a:f3:f7:67:74:2b:29:8e:48:03:98:83:0c:01:
                    4f:cc:6a:53:eb:9f:c9:a1:ae:a4:53:86:22:d9:85:
                    b9:21:e0:38:ad:a1:46:2c:71:fa:c0:ac:ef:e0:20:
                    a8:81:70:63:59:a8:11:74:88:ec:b8:3c:56:f6:0e:
                    bb:21:c8:6b:09:3b:29:89:cb:d8:65:33:79:ef:cb:
                    08:ff:dc:6d:a0:17:72
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                17:E2:15:D4:B2:92:92:D8:0C:65:31:92:34:3C:8A:22:A3:91:67:0A
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.vdash.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb  9 12:58:07.260 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:73:35:17:6B:D7:B8:25:35:FE:99:C5:35:
                                EA:D1:DF:30:84:8D:A5:1D:BA:8E:4A:87:3B:95:D0:07:
                                8D:CB:69:D9:02:21:00:BE:B0:56:58:52:C1:C3:9D:DB:
                                0F:E7:E8:E5:5C:B2:76:F3:C0:15:96:4F:83:40:D2:47:
                                B7:60:80:81:B1:00:A1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb  9 12:58:07.752 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BF:CC:C3:0A:44:2F:59:CB:D2:DD:28:
                                72:21:C3:00:45:AE:CA:D5:CB:63:A2:25:8B:01:D2:AD:
                                C5:B7:34:ED:F6:02:20:48:25:E0:22:45:18:9D:61:E1:
                                E9:31:F6:45:7F:B8:9E:0B:0C:58:52:8B:BE:3C:0B:36:
                                6F:22:16:37:2C:CB:F3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b8:ae:31:cc:53:0e:99:56:f9:23:f4:49:8d:22:70:16:12:11:
        5b:9d:54:96:1d:a7:b6:bc:60:4b:53:af:b9:c1:56:d7:e9:20:
        e7:e9:c2:48:1b:f5:f0:d9:cd:77:80:56:c2:56:fb:0a:57:3d:
        03:84:79:02:4e:50:49:b9:74:cf:8a:a0:d4:6a:91:8a:b5:62:
        6d:79:49:d6:e4:b5:fc:e5:b8:bd:39:12:61:c2:80:f3:32:d4:
        93:33:26:7e:72:73:b3:84:ac:92:5d:c5:85:15:77:09:f5:34:
        8d:79:c0:79:30:0d:90:cd:cf:aa:52:2e:5d:5b:93:61:b1:cf:
        b3:04:32:22:65:33:1a:05:37:9a:e9:db:85:3a:06:8d:00:bd:
        8b:c3:5e:e2:8b:90:74:c6:7c:64:7f:75:df:84:cd:48:7e:e4:
        e0:12:75:73:2b:ee:7f:d7:fb:12:f2:20:cf:a4:87:69:94:5c:
        f2:9c:e0:e6:79:f8:03:5f:31:d0:52:a0:6b:53:b7:c9:51:0a:
        f7:2c:99:74:a7:10:c9:3f:41:45:fd:53:59:ef:00:2b:35:2d:
        01:a4:ff:ea:58:17:26:db:57:06:fa:f0:47:1e:8a:5f:82:b3:
        03:bc:a3:81:3c:5c:cc:bb:45:29:bf:48:7b:b4:d2:f7:db:61:
        61:96:7f:de

134.209.221.93

Last Seen: 2024-04-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-384950317 | 2024-04-03T07:02:02.737757
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1584412971 | 2024-04-11T21:11:40.314090
80 / tcp

nginx1.18.0

1584412971 | 2024-04-11T21:11:45.386530
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

134.209.221.93

Last Seen: 2024-04-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-384950317 | 2024-04-03T07:02:02.737757 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1584412971 | 2024-04-11T21:11:40.314090 80 / tcp

nginx1.18.0

1584412971 | 2024-04-11T21:11:45.386530 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-384950317 | 2024-04-03T07:02:02.737757
22 / tcp

1584412971 | 2024-04-11T21:11:40.314090
80 / tcp

1584412971 | 2024-04-11T21:11:45.386530
443 / tcp