GeneralInformation

Hostnames	cdn-upload.puzzel.org 136-144-241-160.colo.transip.net
Domains	puzzel.org transip.net
Country	Netherlands
City	Rotterdam
Organization	TRANSIP 136 144 192 0
ISP	Signet B.V.
ASN	AS20857
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 5000

-1985791306 | 2024-05-31T08:45:56.875389

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDT0dbt2ZgpPMk4IPvtFkRDngT3FSDm2agwaPeD+HQ7A926
BHmOVINb2C3Bc62NvKd1wmLtGT0nfWbwxdjVBDGOtrJm1DG7QFBZLYi5+91+qi2KItFPM7CeyVFf
0ZkGDko2Ub7mdrQbbTf/6jzHrNdUvQlqJXe8Fz8Kz7EZboIkHsuPaQ2/vgB+TpNHgZLyzXpyXPQP
sIy02aHQ/hRyKOXjWvw5Cb6OOHxJ+FB8L1H0RnN9bZJ0q6LXqWmViyA9xkouW0DESN+iIrdRTMpN
Yy/BI2SG4L1rWeVbjpVv01lfHhK4bz4VdYyHStIOj+CGaTLXa1cRVHLZIzn5nSha6fRjipGdZXRH
TVgZ0WZv/SZ/6954qHX3TDE5MS0iAANjqJl6tRCNgKSDYSfBzdfh11Wr7XO+E3bz/uNvWGGPLIgH
+Z+0dAgDYfyv4k1pfMj26YS87oA/WB17yBzkqIp+N5HCggNqRjzuieuFCVCGGj5TkAAj3gIHAjcF
S7Y+9ueDDEc=
Fingerprint: 0f:04:46:eb:23:20:ca:a8:7f:ef:d4:b0:87:fa:56:5b

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-05-28T21:24:49.055527

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 May 2024 21:24:48 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 25 Sep 2020 08:34:48 GMT
Connection: keep-alive
ETag: "5f6daba8-264"
Accept-Ranges: bytes

-1060095501 | 2024-05-31T09:06:00.548323

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 May 2024 09:06:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c2:12:3c:0e:8f:01:af:fd:3d:ca:ae:46:53:2f:7e:40:d7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: May 15 10:04:26 2024 GMT
            Not After : Aug 13 10:04:25 2024 GMT
        Subject: CN=cdn-upload.puzzel.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:fa:e5:15:fd:c4:4a:02:9a:64:92:75:d6:db:
                    62:e4:36:a2:67:83:82:8b:36:88:c4:2b:cf:5e:2a:
                    f5:30:d6:26:48:4e:46:9e:fd:b4:ff:82:a0:64:12:
                    98:9a:15:bb:c6:61:6f:34:85:b3:93:be:b5:36:58:
                    35:bd:2a:fc:87:8e:11:1b:da:8c:9b:9a:75:3d:06:
                    ae:c7:73:e8:fc:00:75:40:71:a9:c2:62:3a:67:b4:
                    99:7e:cd:f9:2e:25:7f:2a:a1:df:f1:b8:92:ba:c0:
                    e0:83:c2:61:a1:3c:31:b0:01:c9:42:bc:87:e8:be:
                    7f:00:9c:1d:fe:4e:7c:d5:73:6c:ac:7f:cd:df:24:
                    54:cc:ef:cf:f0:b4:15:05:19:9e:bb:61:49:77:d2:
                    91:e6:39:04:84:72:64:d4:a1:84:78:4b:5a:2b:57:
                    5b:10:a5:f6:8a:01:b0:bc:de:47:ca:01:06:6e:f3:
                    e1:7f:1a:ad:61:35:be:b0:f1:c6:29:66:ff:cc:97:
                    30:30:f7:c3:34:c0:a6:fb:09:91:f0:41:43:ae:61:
                    f3:0d:cd:a5:6d:64:48:7f:db:a1:0a:fe:9e:6d:37:
                    f8:09:39:9d:53:9f:6b:ac:28:1d:d1:26:e8:1d:05:
                    01:f3:26:f4:e6:8e:89:03:89:f8:3f:cf:b6:c8:a5:
                    48:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                53:F9:39:41:55:3C:A3:06:1D:89:13:61:91:1F:66:78:0E:C0:91:BD
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:cdn-upload.puzzel.org
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : May 15 11:04:26.682 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6B:F7:70:E1:B9:61:B1:68:EB:05:B2:43:
                                02:0C:13:79:7A:60:FD:30:61:75:08:CA:0C:EE:1D:D5:
                                3C:D4:DB:52:02:21:00:C8:4F:DD:7A:6C:65:62:0E:50:
                                33:D4:52:69:69:23:16:6F:8D:08:38:FC:8B:E5:F6:17:
                                B3:69:62:76:49:A2:0F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : May 15 11:04:26.682 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:09:EC:E9:C5:00:91:8B:D7:BD:F6:7E:1A:
                                80:31:9A:EA:15:AF:B4:51:28:AE:BF:41:85:40:72:87:
                                97:3F:C0:8B:02:20:5C:8D:56:F3:DD:81:4B:C6:21:99:
                                70:F1:0C:65:B4:13:13:A7:DF:60:B5:40:C2:A0:46:7F:
                                8D:10:6F:F9:9B:D8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        04:e9:11:d6:69:2f:1d:aa:30:ef:9b:d1:3c:ce:e4:55:d3:71:
        92:c2:71:5a:18:b0:84:5b:3b:fd:0a:4a:ce:64:b4:3f:25:c9:
        77:d2:80:4b:ae:b2:51:18:a4:e8:e6:61:3d:8f:d0:36:5c:26:
        86:c4:45:c5:f4:e8:84:34:95:20:9e:61:bd:4b:29:da:b8:43:
        1a:a9:01:34:8d:e2:04:d8:a4:c3:5b:be:84:04:39:84:29:21:
        52:1b:d1:42:94:4e:fa:29:7c:82:ae:8c:c7:b0:30:82:f5:14:
        4a:8c:0b:eb:64:23:2c:be:56:bd:71:a8:2a:19:b5:3b:34:1e:
        cf:8f:9c:b5:3d:b7:dc:c2:07:9c:7c:cb:fd:06:60:aa:fe:84:
        d5:2a:3a:35:fb:d4:d2:7c:87:ee:ca:88:d8:13:10:ee:5e:b8:
        89:bd:4c:c8:79:28:8a:64:02:e1:08:91:33:0e:b8:5c:50:87:
        fd:99:08:39:8e:f4:9e:1e:98:83:d7:6b:47:48:b7:c2:ea:de:
        65:b9:13:d0:a3:3e:4b:06:01:56:5c:94:4f:a5:3e:a1:ad:9c:
        0a:a7:68:4a:50:54:fd:9a:9b:d8:b6:39:43:fd:9e:1c:ee:f7:
        9d:17:f5:ea:4d:c0:3e:77:8f:72:9f:15:0b:33:bb:b3:0c:d2:
        a4:36:79:18

-1060095501 | 2024-05-14T16:03:11.850763

5000 / tcp

HTTP/1.1 404 Not Found
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 139
Date: Tue, 14 May 2024 16:03:11 GMT
Connection: keep-alive

136.144.241.160

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1985791306 | 2024-05-31T08:45:56.875389
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-28T21:24:49.055527
80 / tcp

nginx1.18.0

-1060095501 | 2024-05-31T09:06:00.548323
443 / tcp

nginx1.18.0

-1060095501 | 2024-05-14T16:03:11.850763
5000 / tcp

Products

Pricing

Contact Us

136.144.241.160

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1985791306 | 2024-05-31T08:45:56.875389 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-28T21:24:49.055527 80 / tcp

nginx1.18.0

-1060095501 | 2024-05-31T09:06:00.548323 443 / tcp

nginx1.18.0

-1060095501 | 2024-05-14T16:03:11.850763 5000 / tcp

Products

Pricing

Contact Us

-1985791306 | 2024-05-31T08:45:56.875389
22 / tcp

1651973090 | 2024-05-28T21:24:49.055527
80 / tcp

-1060095501 | 2024-05-31T09:06:00.548323
443 / tcp

-1060095501 | 2024-05-14T16:03:11.850763
5000 / tcp