GeneralInformation

Hostnames	autosmotos.alaxatechtesting.lat
Domains	alaxatechtesting.lat
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3306 8021

1574750675 | 2024-04-23T12:30:22.847242

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYAooFu7RRi+EpeHGua/0Ps
yjYVc0SiQoTACmjNQDz/wDnNjFir0bcZ05e9iqOYFiwT/U4LGw3I5S2u4ExOtpA=
Fingerprint: 42:5c:29:e8:e2:60:8b:45:87:53:15:f2:18:97:e2:ed

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1608893591 | 2024-05-01T07:01:56.465845

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 07:01:56 GMT
Content-Type: text/html
Content-Length: 614
Last-Modified: Sun, 21 May 2023 22:02:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "646a94e3-266"
Accept-Ranges: bytes

780672404 | 2024-05-03T08:44:38.617431

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 03 May 2024 08:44:38 GMT
Content-Type: text/html
Content-Length: 568
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:d4:b2:43:fd:15:b7:2c:45:aa:98:1e:ea:95:21:12:0b:7c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 10 15:41:18 2024 GMT
            Not After : Jun  8 15:41:17 2024 GMT
        Subject: CN=autosmotos.alaxatechtesting.lat
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:79:9c:01:8e:44:64:d3:a0:66:a8:25:32:e0:e5:
                    43:02:49:84:f7:db:32:b7:c2:7f:7a:3c:a8:31:76:
                    5a:19:67:d8:94:90:29:4b:e7:46:0c:0c:33:83:de:
                    8f:37:6d:b6:44:44:37:fd:96:14:79:92:bc:77:37:
                    11:ad:b7:4b:07
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                40:C5:CA:BE:FE:9D:80:3C:F8:77:83:D5:C1:EE:92:5B:AD:AB:A7:8C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:autosmotos.alaxatechtesting.lat
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 10 16:41:18.625 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7C:02:BB:A2:C3:0B:00:A6:A9:24:C5:40:
                                4B:60:48:AA:8B:11:54:56:0F:2F:39:21:FA:09:EE:B5:
                                8D:44:6C:B6:02:21:00:D9:64:BA:8E:FF:57:B8:AB:F5:
                                4E:48:01:F8:71:C8:16:41:A8:58:5C:19:C5:56:5F:42:
                                64:CA:6D:93:AF:59:C2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 10 16:41:18.698 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C0:A1:6E:4B:9B:8F:37:5B:FF:D4:C8:
                                84:55:8B:B6:D8:00:0A:30:46:69:86:F0:9D:D4:85:37:
                                96:8E:B8:F4:0E:02:21:00:EA:F7:7B:EA:71:78:30:A8:
                                D8:75:27:5B:C3:3B:C0:2C:43:8E:74:F4:DF:BD:2B:41:
                                78:19:EA:B9:06:94:60:A6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2b:75:54:32:2d:6f:d1:46:6e:d1:c4:07:81:a4:95:23:bd:59:
        d8:5a:86:78:84:31:14:74:d5:2a:60:ab:d0:e0:cd:27:7c:af:
        8f:2e:a3:fc:9f:a7:47:e3:e5:98:05:eb:fb:9b:fd:5f:65:33:
        a9:52:bb:f2:e7:e5:76:82:b8:63:9e:0f:fd:0f:b6:15:2a:69:
        56:d0:11:a1:76:44:5c:f3:2d:af:74:1b:44:8c:55:02:11:08:
        a6:fc:b2:72:e4:45:8b:17:48:6e:9c:55:f8:33:09:69:55:40:
        36:d8:a1:f6:30:ee:69:f0:c4:38:c4:41:b6:7f:37:b0:8a:61:
        41:e4:85:7f:73:46:ea:5c:eb:b5:67:c0:6a:3d:1e:aa:d5:c2:
        65:a9:1f:be:4f:f2:e6:a3:4d:0c:b3:48:22:6b:38:b4:fa:9a:
        34:33:b7:48:32:f3:cb:3b:2f:6c:3a:70:f9:fe:8b:c0:92:8a:
        b7:bf:e3:11:d4:cc:4a:15:66:3d:78:cc:86:21:a8:92:bc:c4:
        bd:92:df:c6:ac:09:5a:fc:ad:8e:de:8f:5b:96:f2:4c:81:87:
        38:05:34:8e:50:ba:c4:86:2c:24:67:aa:51:b9:72:39:85:97:
        3d:9e:0c:0c:9e:f6:78:d9:03:94:dd:96:6a:3e:f5:a5:8d:00:
        46:6a:a9:20

225015788 | 2024-04-27T11:36:44.310363

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.36-0ubuntu0.22.04.1
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

-1264071599 | 2024-05-02T12:06:25.309939

8021 / tcp

220 (vsFTPd 3.0.5)\r\n

147.182.218.75

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1574750675 | 2024-04-23T12:30:22.847242
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1608893591 | 2024-05-01T07:01:56.465845
80 / tcp

nginx1.18.0

780672404 | 2024-05-03T08:44:38.617431
443 / tcp

nginx1.18.0

225015788 | 2024-04-27T11:36:44.310363
3306 / tcp

MySQL8.0.36-0ubuntu0.22.04.1

-1264071599 | 2024-05-02T12:06:25.309939
8021 / tcp

vsftpd3.0.5

Products

Pricing

Contact Us

147.182.218.75

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1574750675 | 2024-04-23T12:30:22.847242 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1608893591 | 2024-05-01T07:01:56.465845 80 / tcp

nginx1.18.0

780672404 | 2024-05-03T08:44:38.617431 443 / tcp

nginx1.18.0

225015788 | 2024-04-27T11:36:44.310363 3306 / tcp

MySQL8.0.36-0ubuntu0.22.04.1

-1264071599 | 2024-05-02T12:06:25.309939 8021 / tcp

vsftpd3.0.5

Products

Pricing

Contact Us

1574750675 | 2024-04-23T12:30:22.847242
22 / tcp

1608893591 | 2024-05-01T07:01:56.465845
80 / tcp

780672404 | 2024-05-03T08:44:38.617431
443 / tcp

225015788 | 2024-04-27T11:36:44.310363
3306 / tcp

-1264071599 | 2024-05-02T12:06:25.309939
8021 / tcp