GeneralInformation

Hostnames	sql14836.dreamhostps.com
Domains	dreamhostps.com
Country	United States
City	Ashburn
Organization	New Dream Network, LLC
ISP	New Dream Network, LLC
ASN	AS26347

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 25 80 123 3306

-492281986 | 2024-05-03T08:13:05.629695

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.5
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAkzCUT1hby99ELrctUqrDnG
95vyTz3u00EvBfiBD5GNeieMEgwyQMx1IYyHPckyF2L5AS36H9ktQ3Fwr6dtnQU=
Fingerprint: 56:df:ca:b9:c2:21:0a:7c:ee:cd:1d:93:d0:67:ec:9c

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	chacha20-poly1305@openssh.com

MAC Algorithms:
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com

Compression Algorithms:
	none
	zlib@openssh.com

1836778113 | 2024-04-13T18:35:56.563166

25 / tcp

220 ubuntu ESMTP Postfix (Ubuntu)
250-ubuntu
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:0b:81:d3:a0:fd:7f:ef:02:e7:4a:5b:ef:34:23:12:aa:4f:e9:9a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=runner-tyllit1z-project-527-concurrent-0
        Validity
            Not Before: Jun 28 19:16:08 2023 GMT
            Not After : Jun 25 19:16:08 2033 GMT
        Subject: CN=runner-tyllit1z-project-527-concurrent-0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:3a:91:81:d2:0f:99:ba:a5:61:f7:79:41:f0:
                    19:6a:0e:3d:d1:59:2a:1e:a5:f4:ee:58:ed:14:c0:
                    05:f3:d9:a2:ea:75:9f:37:7c:be:9d:2a:96:05:90:
                    4b:5b:7f:5b:29:30:e0:40:08:d5:97:c3:7d:8e:10:
                    b1:aa:9f:10:97:04:3e:56:a8:ef:90:8b:f5:59:9e:
                    89:13:f4:5d:be:a9:77:7c:b0:49:7e:11:fb:47:c8:
                    7d:e9:b5:68:d0:6b:62:3e:d6:ed:87:32:07:ee:f8:
                    f7:d1:61:63:02:49:6a:75:28:58:27:6d:a3:4b:c7:
                    3e:d9:a6:aa:3e:88:e5:79:4b:32:d0:03:00:65:b6:
                    e9:a8:e0:a5:75:36:05:97:80:36:b2:b5:8b:b3:18:
                    ed:0d:00:21:d0:92:11:b5:73:f9:e7:5f:d6:23:45:
                    68:8d:4b:58:c4:e8:6e:fa:a7:a7:4e:a6:49:47:ac:
                    14:e3:5d:a6:2b:06:54:0b:2a:6c:85:0f:ae:33:6d:
                    68:6c:ab:62:1b:d6:38:f6:03:fa:a2:cd:d0:60:bf:
                    83:d2:bb:b5:c0:e8:ec:9f:5f:78:a0:75:94:7d:d2:
                    86:dc:c8:a9:07:d1:ff:e3:ff:4f:96:e7:73:55:22:
                    32:d3:7b:d1:04:1b:f6:be:46:4a:da:cf:0c:72:4f:
                    e8:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:runner-tyllit1z-project-527-concurrent-0
            X509v3 Subject Key Identifier: 
                EF:7B:F7:B8:ED:FB:8D:3B:4E:81:77:DD:5C:7B:84:AF:A7:34:60:D2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        58:9f:a2:b8:56:23:6a:ea:11:b9:db:06:3a:66:71:16:e6:c5:
        0c:9a:43:d8:f8:d7:34:d7:89:85:dd:dc:e7:a4:bf:ea:06:68:
        cc:4c:f2:ca:c9:d9:0a:6c:86:72:a4:91:73:01:c4:a2:3e:a6:
        a4:d8:04:da:aa:53:91:1d:99:92:72:07:43:ad:e9:c6:eb:19:
        93:21:cf:64:84:45:1c:c8:c8:41:56:97:d7:c0:27:be:61:08:
        f3:66:fc:a3:3b:57:bf:a5:97:da:01:1b:3f:5c:24:d3:d2:c6:
        17:12:bf:d6:3a:e3:fc:c7:e9:6a:a0:5e:e5:64:0b:29:cf:1d:
        3c:77:9a:8b:92:73:3b:50:60:5a:c4:db:f5:99:cf:ec:0b:93:
        b5:80:3a:14:5e:82:f1:77:4c:22:e8:9a:2c:ab:4e:61:4f:59:
        c5:52:83:f4:74:79:3a:fc:f1:e5:80:e2:7e:27:b7:3d:54:00:
        2f:b0:cb:30:51:07:84:e8:28:54:0d:9c:cc:de:1a:d6:08:06:
        45:4e:67:ba:ef:eb:a8:57:79:f5:0e:1b:9e:89:d1:66:73:a2:
        95:38:c0:c7:82:cc:af:5f:d3:6d:a0:d1:1b:ff:09:73:01:ee:
        f8:48:97:c7:ce:58:64:49:09:0a:67:9a:62:6d:ed:42:53:12:
        79:7a:73:b0

589765266 | 2024-05-05T01:09:55.356200

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 05 May 2024 01:09:55 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://east1-phpmyadmin.dreamhost.com/signon.php?pma_servername=173.236.142.148

284727510 | 2024-05-08T18:02:20.223889

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -23
rootdelay: 0.0141448974609
rootdisp: 0.0339660644531
refid: 180986896
reftime: 3924179663.73
poll: 3

-2105859950 | 2024-05-09T00:46:15.199898

3306 / tcp

MySQL:
  Error Message: Host '224.161.113.186' is not allowed to connect to this MySQL server
  Error Code: 1130

173.236.142.148

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-492281986 | 2024-05-03T08:13:05.629695
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.5

1836778113 | 2024-04-13T18:35:56.563166
25 / tcp

Postfix smtpd

589765266 | 2024-05-05T01:09:55.356200
80 / tcp

nginx1.18.0

284727510 | 2024-05-08T18:02:20.223889
123 / udp

-2105859950 | 2024-05-09T00:46:15.199898
3306 / tcp

MySQL

Products

Pricing

Contact Us

173.236.142.148

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-492281986 | 2024-05-03T08:13:05.629695 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.5

1836778113 | 2024-04-13T18:35:56.563166 25 / tcp

Postfix smtpd

589765266 | 2024-05-05T01:09:55.356200 80 / tcp

nginx1.18.0

284727510 | 2024-05-08T18:02:20.223889 123 / udp

-2105859950 | 2024-05-09T00:46:15.199898 3306 / tcp

MySQL

Products

Pricing

Contact Us

-492281986 | 2024-05-03T08:13:05.629695
22 / tcp

1836778113 | 2024-04-13T18:35:56.563166
25 / tcp

589765266 | 2024-05-05T01:09:55.356200
80 / tcp

284727510 | 2024-05-08T18:02:20.223889
123 / udp

-2105859950 | 2024-05-09T00:46:15.199898
3306 / tcp