GeneralInformation

Hostnames	cover1.snaptoken.finance
Domains	snaptoken.finance
Cloud Provider	DigitalOcean
Cloud Region	us-ca
Country	United States
City	Santa Clara
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

1085921403 | 2024-04-12T22:13:12.918792

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC8PtNXK0i5oAHr4Gj6jM/g+uPKDwc4LOau7+mjCpbNG796
aIcoUyhJsQY8Wh3/wE6bS3bidI8EoqFXX46pz8bfIGSD8uDSsT9H9FlU74Cxet6fX1Yfjbi6Vymo
N9Gg8jh1xlgo4SgPtY0gDjBaVMDHHlKyJVMFz7JBCyiiyXflXhUaw2m+07jcv10VIrFxpb/2rRm6
5cQPZbsDpVLCZWCuVXMEqzSnZHcrZY/leZooCdyHBZGTVxXorpdqlCJpT+5QI6MD71KhoD31dkv4
20dPDDl1KSh928aAJb7HIpREdR+G2Zujwfyjx0VW+kt6RZHNs2jz4jBR+slHu+0LQk05u4NqmdKN
G/MOwNyfwJlrP8F+25UF5OQvnNv1wKmjQZLwWKwGoX7HRJeE+RhX//ALbvbWzTc275XdeRdaCSpL
T90S/KGDXQrSCTphqopPgbpp/LxhkjhNLlCqTwnYjUMCEcmtayitdYhEPaHkjvPXQxBdAd7WdxK7
qPOytCv2zHE=
Fingerprint: 71:1a:88:dc:24:f2:da:38:5b:4a:e0:44:5b:59:e2:99

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-18T02:14:52.334420

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 02:14:52 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 14:09:01 GMT
Connection: keep-alive
ETag: "5e9efe7d-264"
Accept-Ranges: bytes

251540755 | 2024-04-17T02:01:58.814728

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 02:01:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:3d:16:ae:3e:5f:89:77:d9:a8:53:ff:44:8e:83:fa:8a:cd
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 28 21:46:06 2024 GMT
            Not After : May 28 21:46:05 2024 GMT
        Subject: CN=cover1.snaptoken.finance
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cd:ea:c5:b3:18:b2:59:14:32:cf:97:60:e7:25:
                    8f:e0:2a:44:f9:a2:3a:1d:d4:08:8b:07:c5:0f:80:
                    18:92:b7:bc:96:59:b3:5b:62:b8:f0:ec:bb:93:35:
                    21:24:73:d4:bd:fa:0e:70:7b:1c:5b:8c:65:ea:db:
                    e3:a6:ad:5e:56:26:97:99:a6:22:83:77:9e:49:6c:
                    f9:7a:49:60:8d:07:7f:24:35:5a:14:71:c0:c2:cb:
                    61:a8:27:80:1c:bb:a7:30:1e:ae:9b:d3:a9:ef:a3:
                    74:57:e5:9c:bb:8f:ee:b0:b9:b0:bf:4b:2c:7e:3b:
                    7b:ff:6d:7e:39:4a:60:43:bb:bc:b1:16:f5:40:18:
                    c4:43:23:87:ce:d1:0d:5b:c8:ae:cd:f8:45:1e:6e:
                    f5:73:19:47:e2:72:9e:80:4b:ef:bd:80:be:16:18:
                    3a:d8:48:10:25:d7:b2:20:03:cb:d3:0d:64:1f:31:
                    0d:5c:9d:84:cc:23:0b:33:ed:42:6e:9f:40:14:2a:
                    5f:fb:ef:c1:a1:35:4f:93:20:04:a0:fc:e8:1e:54:
                    b7:74:81:85:8d:a7:cd:58:01:fe:60:c0:46:b9:c5:
                    58:6b:25:38:f0:9b:2e:dc:f7:04:57:b1:23:6b:60:
                    82:11:0f:4c:40:5a:09:8f:4f:11:2e:47:81:9f:6e:
                    f6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6E:F0:1C:06:9E:02:84:29:AD:7B:74:28:1C:6B:57:77:0B:EC:29:C9
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:cover1.snaptoken.finance
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 28 22:46:06.496 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:33:FD:86:9B:A6:41:47:BF:EC:FE:F5:9C:
                                EC:47:C1:E9:8B:F2:01:D4:DF:EF:DE:7E:B4:B1:24:F6:
                                99:F0:EE:29:02:20:18:DA:D3:76:A6:7A:5D:78:D7:E8:
                                25:82:E7:71:2C:A1:9A:AC:C9:F2:2E:17:21:A2:33:41:
                                59:71:60:D6:F2:5B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 28 22:46:06.499 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F1:0C:B4:50:2F:FD:56:03:DC:33:2D:
                                58:44:03:55:03:2F:8B:62:BA:BD:2D:89:A1:56:AA:89:
                                55:FA:C2:1B:D6:02:21:00:9E:A3:4C:69:D7:1E:46:1B:
                                64:50:B1:8D:8F:CE:E2:4C:D9:C9:88:C5:28:F5:EE:91:
                                20:C9:BD:3E:60:C8:27:ED
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        39:2c:e7:a8:1a:3d:c6:0a:e2:67:9e:50:63:f8:a3:30:5b:1a:
        7c:ee:49:0e:31:1c:89:05:ba:cf:90:d1:1e:d3:a3:6c:38:93:
        74:0d:69:be:23:7d:84:72:5c:c3:65:d6:3a:88:b4:b8:1a:9d:
        14:57:ce:41:4b:fc:25:47:45:03:e4:8d:3b:94:38:97:4d:d9:
        a3:2d:68:42:0c:52:46:a4:3f:84:8c:23:e1:bf:b3:39:ec:53:
        fb:6e:4d:1a:86:c7:a4:a1:97:d2:93:66:10:62:5d:2a:47:43:
        e8:3f:95:4b:7e:91:68:36:02:35:ce:80:c6:e2:d5:c6:46:ec:
        c5:1a:c3:6d:f2:c3:d8:c1:b3:13:91:cd:48:04:6e:ce:7e:57:
        13:59:ec:73:82:37:b9:b2:56:6a:23:51:ee:7f:da:a3:5b:00:
        c6:18:71:21:58:51:3b:58:0f:cb:d3:63:bf:3b:e0:3c:4c:34:
        c0:38:73:95:bf:47:ef:b1:2c:7d:58:f5:c8:d3:83:d4:57:30:
        e9:20:5f:e3:af:22:9e:0b:56:49:a3:3b:80:a5:b0:cc:c0:07:
        9e:88:69:db:85:93:c7:6b:f8:00:68:d8:1b:1d:ed:b8:5a:fc:
        b3:47:51:84:c0:99:d8:6b:50:1c:37:b9:95:dd:69:56:4d:fe:
        3c:b0:c1:1f

164.90.146.173

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1085921403 | 2024-04-12T22:13:12.918792
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-18T02:14:52.334420
80 / tcp

nginx1.18.0

251540755 | 2024-04-17T02:01:58.814728
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

164.90.146.173

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1085921403 | 2024-04-12T22:13:12.918792 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-18T02:14:52.334420 80 / tcp

nginx1.18.0

251540755 | 2024-04-17T02:01:58.814728 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1085921403 | 2024-04-12T22:13:12.918792
22 / tcp

1651973090 | 2024-04-18T02:14:52.334420
80 / tcp

251540755 | 2024-04-17T02:01:58.814728
443 / tcp