GeneralInformation

Hostnames	consejosinnovadores.fun
Domains	consejosinnovadores.fun
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-8331	6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677	6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

22 80 443 3001

1758588943 | 2024-04-03T21:00:25.517450

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOGuyxKWVIlWNkhVimwYGyV+
31MaIkCcPGVXxvBkt18t0hzi+MwLqrIs2e16KQNYi7NJsxGxOoJiHHPvWb0ZppY=
Fingerprint: fa:b3:34:6b:5c:17:ef:74:4a:18:9b:50:c2:c0:cc:e0

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-04-17T18:09:33.004763

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 18:09:32 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive
Vary: Accept-Encoding

978861870 | 2024-04-15T00:20:50.229468

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 15 Apr 2024 00:20:49 GMT
Content-Type: text/html
Content-Length: 64481
Connection: keep-alive
Vary: Accept-Encoding
ETag: "63b4f545-fbe1"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:56:c0:e3:90:45:d7:97:8f:b7:df:1d:28:eb:32:3a
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=AT, O=ZeroSSL, CN=ZeroSSL ECC Domain Secure Site CA
        Validity
            Not Before: Feb 27 00:00:00 2024 GMT
            Not After : May 27 23:59:59 2024 GMT
        Subject: CN=consejosinnovadores.fun
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:49:c2:a7:48:21:34:00:67:ec:9f:bd:a8:53:a1:
                    13:03:fa:86:c6:06:f3:fa:97:53:20:d6:a7:c3:41:
                    97:cb:23:01:23:c6:9e:ec:68:36:c7:db:79:a8:b6:
                    f6:9b:32:5d:43:32:b1:e4:d7:e7:47:3b:74:f7:3d:
                    da:ea:af:44:28
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                0F:6B:E6:4B:CE:39:47:AE:F6:7E:90:1E:79:F0:30:91:92:C8:5F:A3
            X509v3 Subject Key Identifier: 
                31:19:D3:14:D9:B8:EA:C8:9D:05:D9:BA:31:AD:93:60:7C:F4:29:5B
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.78
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt
                OCSP - URI:http://zerossl.ocsp.sectigo.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 27 19:54:09.696 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3E:B4:E5:4D:A1:43:FC:B5:8F:BE:C4:B0:
                                0C:98:64:7F:C4:0D:D1:BB:DB:B9:11:06:EB:45:82:29:
                                D8:9F:19:B1:02:21:00:A0:EC:03:38:95:02:4B:DA:66:
                                AA:F5:2A:EB:64:EE:A4:F9:52:54:34:52:50:5D:C3:47:
                                29:1E:28:DF:58:D1:C5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 27 19:54:09.815 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7C:D8:94:76:5B:B8:12:4C:DA:4A:D8:8E:
                                B4:11:50:48:D5:10:FD:02:9E:68:B4:4A:DF:13:69:35:
                                80:03:E5:FE:02:20:73:ED:9C:2C:5B:EC:61:D4:8F:FA:
                                C4:65:63:46:35:6B:9A:B3:BC:1F:4B:F1:9A:36:6B:75:
                                C5:3A:F5:3E:21:DA
            X509v3 Subject Alternative Name: 
                DNS:consejosinnovadores.fun
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:c7:82:71:15:5b:40:eb:31:f1:44:25:48:b1:
        a3:f0:8c:b4:cf:c0:28:58:49:ac:17:76:cf:7c:fb:ef:54:63:
        42:a5:4f:60:c2:e5:cc:80:43:cc:b0:b5:7d:e8:77:82:50:02:
        30:74:9e:d6:a2:93:44:3d:94:b6:c2:1d:37:e9:7e:db:7f:44:
        62:a1:68:55:40:ec:75:9e:03:93:b6:7f:a3:0f:88:78:72:2d:
        9b:27:ce:a7:b0:5a:c6:1b:80:79:1a:ae:f3

-1060095501 | 2024-04-19T22:35:59.962584

3001 / tcp

HTTP/1.1 404 Not Found
X-Powered-By: Express
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 139
Date: Fri, 19 Apr 2024 22:35:59 GMT
Connection: keep-alive
Keep-Alive: timeout=5

SSL Certificate

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            7d:41:13:32:eb:28:7e:40:03:e2:a9:c7:c7:f2:e6:6e:d4:f0:fd:85
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BR, ST=Minas Gerais, L=Belo Horizonte, O=123 TECNOLOGIA, OU=123TAPRONTO, CN=123tapronto.com/emailAddress=suporte@123tapronto.com
        Validity
            Not Before: Mar 21 13:45:55 2023 GMT
            Not After : Mar 16 13:45:55 2043 GMT
        Subject: C=BR, ST=Minas Gerais, L=Belo Horizonte, O=123 TECNOLOGIA, OU=123TAPRONTO, CN=123tapronto.com/emailAddress=suporte@123tapronto.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:83:04:72:23:0e:fd:9b:1e:24:91:6e:cb:99:
                    ae:d0:86:36:2f:c7:7e:c5:38:36:f6:e6:f5:6a:7e:
                    28:26:b7:12:fc:f8:c0:d2:7e:eb:8c:18:9e:d8:46:
                    30:2c:85:f5:e5:b0:91:6b:fc:78:20:89:2b:75:6d:
                    96:f1:61:81:dd:d8:e6:6a:a0:90:5a:4b:c1:e6:43:
                    f6:f0:94:d8:c2:06:e9:0b:14:8c:b5:a6:84:e4:7c:
                    f6:30:fd:a1:e3:eb:20:85:46:16:e6:15:ac:a9:8d:
                    c1:ca:de:47:e3:b5:f3:b2:d0:a2:56:2e:f4:41:f3:
                    87:d4:c7:71:3c:e7:b7:d7:95:49:ca:4c:33:91:75:
                    f4:dd:cc:1d:c3:99:6b:11:aa:5f:ed:f0:0d:ae:41:
                    a0:a2:8c:7c:b9:f1:81:a1:da:ed:76:97:78:c4:de:
                    c9:c2:1b:21:a9:73:9c:6c:79:f6:01:2f:10:b1:70:
                    2c:63:85:eb:4f:5b:32:5b:16:14:c3:b2:ea:50:d5:
                    03:3f:4d:af:fc:92:81:c2:19:cd:05:0f:7d:e8:0b:
                    c8:c9:ca:c1:3f:a0:c7:be:45:67:bd:43:81:f8:05:
                    e7:bd:e6:3f:1d:61:25:86:4d:82:24:dc:1c:8b:4e:
                    94:d3:5d:c9:27:39:82:87:00:ac:23:b3:2a:ee:54:
                    36:6f
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        16:a1:47:1b:cb:07:7d:1f:d6:85:db:e3:0d:06:0d:42:97:97:
        c2:6d:0a:be:10:da:5e:92:59:b4:c6:69:c8:86:09:bb:03:5f:
        92:cc:cc:c7:df:90:b3:df:0a:6b:df:9a:78:4d:f1:39:45:4a:
        4d:c7:20:c0:57:73:83:79:61:1a:fc:b9:72:a0:e2:37:e6:ca:
        cc:7b:62:ee:df:a9:9a:6d:00:71:c6:a1:c4:77:84:29:1d:06:
        44:91:8a:c3:ca:6d:17:e8:f8:69:f6:fb:de:03:b0:4a:c4:58:
        be:dd:1e:65:4b:5d:e1:b2:ce:e4:9b:0b:e3:b8:b5:65:84:8e:
        2a:4f:ff:da:ab:5e:d4:aa:ef:6d:0f:70:02:16:58:4f:c1:20:
        b4:3c:be:54:e3:cd:97:8f:d7:ac:d2:c1:93:d9:a6:d9:2d:89:
        85:a6:16:cc:63:35:01:f2:59:ef:c5:28:19:40:64:61:fa:55:
        8a:1a:a5:c5:b1:ed:fd:c2:f0:1e:36:99:75:ab:88:d2:e7:61:
        4b:eb:47:f1:02:0f:2c:31:ca:ef:84:34:d2:51:3a:b6:0f:86:
        17:43:46:a2:2a:a5:d8:ed:84:99:8d:db:91:fb:b7:6b:da:a9:
        d2:29:17:c4:3b:3b:6c:2f:92:ba:1b:10:03:17:5a:82:2a:77:
        44:94:e9:57

167.99.152.71

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1758588943 | 2024-04-03T21:00:25.517450
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-04-17T18:09:33.004763
80 / tcp

nginx1.18.0

978861870 | 2024-04-15T00:20:50.229468
443 / tcp

nginx1.18.0

-1060095501 | 2024-04-19T22:35:59.962584
3001 / tcp

Products

Pricing

Contact Us

167.99.152.71

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1758588943 | 2024-04-03T21:00:25.517450 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-04-17T18:09:33.004763 80 / tcp

nginx1.18.0

978861870 | 2024-04-15T00:20:50.229468 443 / tcp

nginx1.18.0

-1060095501 | 2024-04-19T22:35:59.962584 3001 / tcp

Products

Pricing

Contact Us

1758588943 | 2024-04-03T21:00:25.517450
22 / tcp

677579724 | 2024-04-17T18:09:33.004763
80 / tcp

978861870 | 2024-04-15T00:20:50.229468
443 / tcp

-1060095501 | 2024-04-19T22:35:59.962584
3001 / tcp