GeneralInformation

Hostnames	dev.api.icarius.2digits.dev
Domains	2digits.dev
Cloud Provider	DigitalOcean
Cloud Region	nl-nh
Country	Netherlands
City	Amsterdam
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3306

-327368579 | 2024-04-29T20:34:48.214861

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCuOEX27IXmCXLZkQFyvM53upeBHat2bB8BGlSdxFH+7BH/
85XfaGTYIZclL8THsnaJw7Oee7bquZZ+LVGJDFSu+UHotLedjJ4qJqKd5YR4cOF/pkd5b0s05S92
Zyld8SDSxXaXHAVfk9L+gUWX7SoAJjD2OAzK0O2XjXnLvemF/CSm/onlhDfR5q1Czln+v5WQx2Mp
r3npCAPG9H7e2TPrg+vQlc0ABlg4k1tqz/0MU6hSHq1sR1arCWIM8fhazEEJArsifeRfRzJ+FkLA
D3CXfszMQZQiQNK+aS53UEDPJbX0IpcLka/I7pIOi72puUyPY/82q5HnG2U5MCMme/jy0ZwXheiq
K/LCmMCKgLybjNp/YTS7zWuxAh67k1eih0GlrF4uRc82Hq853TSgisZuyo/spkKzbgVv7pWBa/Il
uYIUIGMmn9TOQtbCL5OIgFeMwM+rPwB2S6GzzcDod38L/7ZmVsf7rGVvc2usDBRginnHvJuhB1tB
ZmSeyH1hUJ8=
Fingerprint: 9a:4e:fe:e9:3c:b9:c3:bb:66:99:ac:c7:7b:59:21:cc

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-04-27T21:06:55.612255

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 27 Apr 2024 21:06:55 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

780672404 | 2024-04-30T01:53:51.132785

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 30 Apr 2024 01:53:51 GMT
Content-Type: text/html
Content-Length: 568
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:43:1d:c2:b1:27:99:be:69:0c:89:15:17:db:c6:8e:34:73
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 12 12:01:43 2024 GMT
            Not After : Jul 11 12:01:42 2024 GMT
        Subject: CN=dev.api.icarius.2digits.dev
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:3a:5c:b1:c6:35:15:0e:c8:3a:00:87:df:8c:
                    6c:a4:7e:ed:96:b7:66:c6:06:ff:db:11:30:9d:76:
                    e5:d1:74:ab:73:7d:62:0e:d4:c2:6c:5b:bc:c9:be:
                    bd:0d:61:dd:c3:31:e3:31:fd:3a:02:3b:22:19:bf:
                    30:3d:88:02:f0:0d:c0:96:08:55:d2:2d:20:88:ba:
                    7f:20:95:a4:0f:7b:3d:8d:7b:44:ec:54:f7:49:88:
                    9a:1a:e3:3d:1d:14:3d:fa:fd:e1:30:47:5e:b8:e1:
                    72:b5:44:2e:11:d3:a1:16:06:62:0b:7d:e5:dd:cf:
                    e9:61:92:b1:90:d4:26:18:64:a3:50:be:7d:14:24:
                    15:21:04:73:a9:ba:52:f8:9a:27:39:e1:ca:7d:6f:
                    fb:23:38:a3:ca:48:49:49:10:93:29:4c:f3:18:4a:
                    4e:6c:26:99:11:05:54:d0:ba:08:e4:f9:b3:f5:e3:
                    f2:37:ba:d6:9a:7b:94:cc:d3:95:fe:34:a0:78:0b:
                    11:7e:ae:46:92:8e:83:04:ef:31:7e:93:ea:5e:b8:
                    80:05:89:cc:2a:70:6d:23:a7:2e:46:25:a9:70:bd:
                    01:86:6d:cf:da:24:a9:c8:3d:09:c4:ec:91:e6:63:
                    b9:3e:bd:96:13:74:cb:bf:bb:71:4e:d9:b5:2c:1f:
                    b0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                09:74:91:07:23:68:2C:F0:29:C3:56:F1:FF:83:08:22:50:BC:EF:C0
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:dev.api.icarius.2digits.dev
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 12 13:01:43.261 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:03:9C:A2:93:71:B9:FE:39:A0:1D:59:79:
                                04:12:3E:9D:BA:C5:27:B9:17:96:56:E1:8B:DD:4B:C6:
                                73:FC:76:58:02:21:00:A3:6B:5F:6B:22:0A:66:9F:38:
                                25:06:9F:5B:C5:8A:38:F4:AF:81:8C:BE:1F:E6:60:C3:
                                ED:2F:CC:46:D8:62:23
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr 12 13:01:43.483 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:C6:C1:78:A3:FD:29:92:0D:1F:1B:
                                FA:08:9D:F1:6D:B7:08:D4:98:9F:14:C8:66:09:0B:A3:
                                E0:47:45:DF:D0:02:20:77:97:35:E2:6F:19:5F:A5:FC:
                                DE:3F:B1:01:8D:9E:A3:DF:0D:4A:35:39:DF:44:8B:CB:
                                59:2A:A1:6C:A6:26:E0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0e:ce:d0:ae:ee:8c:53:65:1c:b4:63:04:90:ac:28:dd:b1:6a:
        26:03:d1:54:cd:fc:1e:24:8f:33:0e:f9:2b:27:28:17:fe:f2:
        44:b7:f2:50:e4:b5:81:d0:c5:02:b4:c1:6b:de:06:5b:fe:55:
        ba:65:0f:ef:1b:f2:9e:81:32:aa:0b:ae:aa:30:2f:84:a6:f4:
        7a:a5:16:d3:e1:e0:36:36:b9:56:6f:08:a6:a8:50:45:78:09:
        18:e8:df:34:53:80:e6:88:a0:84:6f:a9:3f:8e:36:b1:60:e5:
        90:a5:b9:c0:e8:49:44:a9:11:a8:f5:78:fe:8f:3e:ad:e6:1e:
        8a:f4:55:a5:8b:73:f0:de:57:df:f4:9b:27:49:c5:00:82:c1:
        08:39:e6:cb:5d:4f:11:79:9e:1f:93:69:d5:13:78:5c:e3:a9:
        2e:ea:c2:5b:59:40:10:c9:3c:f7:9d:19:bf:52:2c:fd:cc:71:
        16:f2:9a:9a:ea:ec:49:21:7d:f6:5f:06:7a:60:dd:8b:3d:3d:
        fe:b9:a7:1b:a5:8e:d2:e4:5a:5e:e7:d4:a7:90:84:c6:a2:88:
        ce:d8:b3:8d:22:67:f8:cb:bf:13:0d:e7:d1:e8:78:a0:e6:89:
        c0:58:78:72:0c:01:34:52:96:7c:f6:b5:de:cc:8b:2d:c1:d5:
        77:f9:34:b7

748751232 | 2024-05-02T03:01:52.380926

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.36-0ubuntu0.20.04.1
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

157.245.77.123

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-327368579 | 2024-04-29T20:34:48.214861
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-04-27T21:06:55.612255
80 / tcp

nginx1.18.0

780672404 | 2024-04-30T01:53:51.132785
443 / tcp

nginx1.18.0

748751232 | 2024-05-02T03:01:52.380926
3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

Products

Pricing

Contact Us

157.245.77.123

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-327368579 | 2024-04-29T20:34:48.214861 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-04-27T21:06:55.612255 80 / tcp

nginx1.18.0

780672404 | 2024-04-30T01:53:51.132785 443 / tcp

nginx1.18.0

748751232 | 2024-05-02T03:01:52.380926 3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

Products

Pricing

Contact Us

-327368579 | 2024-04-29T20:34:48.214861
22 / tcp

677579724 | 2024-04-27T21:06:55.612255
80 / tcp

780672404 | 2024-04-30T01:53:51.132785
443 / tcp

748751232 | 2024-05-02T03:01:52.380926
3306 / tcp