GeneralInformation

Hostnames	zabbix.tigstecnologia.com.br
Domains	tigstecnologia.com.br
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	Clifton
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

Miscellaneous

Zabbix

Programming languages

PHP

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

22 80 443

1464537652 | 2024-06-01T01:06:17.053164

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDlixSkeH+KNC2dD5cfrJDZjTK/ldfCD+m/jEyarecuu59b
GboIDjF0wQDdyBX9VuIrNe5alauPZnwCHZgIWI+Fc6UicFXhhBkFR8ERdkVr3ah3KmDJpShVHWCT
chZ4XB8UDwnVRJQwqLgqRX33f5UiC58tHnwcehtj2QV0hVYZ9b8SgPcNb5GCPsoBvwPbhB0pkyYD
r+Skc4uARTf7VQkfq9GhRyB9FNoLplpzkSO8PiUE52bsOukoRyaJGAzqV4bZuraP4XAozP0QKrxA
FpTuZG0IVMSnzONtL+UNOgFHkR036IhMPhzBjHH+yPIuIV6lyqRDnmuD+MbXgJtDq/aWXFqJgBN2
VCIbnOJEtneCmgmDl4teHlGHwWs152UEp7Ok+/554Oid4RBEvSUth459+cAxZyVIG9PGUoXcE+gM
MTcrFi++hOk/JWcev2b0n35NAQEuDYx4ahs91H/SW0Xs9sRAFVF3/0uM9RioQs911yHnU/EcyTAb
rtjVnFrkxMs=
Fingerprint: 1f:51:6d:f3:28:d4:78:c9:72:c6:8d:3f:2f:00:bf:fc

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-05-22T17:32:58.625772

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 22 May 2024 17:32:58 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Thu, 25 Apr 2024 15:05:29 GMT
Connection: keep-alive
ETag: "662a7139-264"
Accept-Ranges: bytes

-920857849 | 2024-05-29T20:55:16.796844

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 29 May 2024 20:55:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5254
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiJmMjVjZjAzYjc1NGZmNzcwZjE0NDVjYTAxZjU0MTg0ZiIsInNpZ24iOiI3MTAxYWY2Yzg3MWRkYjQ2MDhhNWY0MzgxMjFlOGRmMDgxZWYzNzg3NmRkYTNhZTY3M2ViM2E0NmRkMmVlM2Y2In0%3D; HttpOnly

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:42:9a:3e:37:fb:ac:c1:89:60:f9:58:98:d3:26:93:db:fa
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 25 14:22:39 2024 GMT
            Not After : Jul 24 14:22:38 2024 GMT
        Subject: CN=zabbix.tigstecnologia.com.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a4:9a:bd:cb:23:24:17:bc:53:cd:95:27:68:d7:
                    d2:71:17:fb:d4:ce:0e:2e:53:c7:c1:b4:f2:6a:87:
                    07:cc:86:52:72:7a:22:a3:d9:b5:cf:78:b7:70:f4:
                    5f:3d:ec:a3:d7:ac:a7:41:e6:3f:a4:df:a5:44:51:
                    e6:22:c8:9c:c7:aa:d3:f9:da:b7:4c:d4:ec:6d:a4:
                    99:54:48:75:01:9d:76:f9:31:fe:c9:54:34:93:b3:
                    e1:53:ba:d3:81:2e:0f:59:ce:1e:42:dd:20:3f:52:
                    fa:cf:a0:5b:6b:74:d1:44:f9:ef:b6:9f:e4:9b:b1:
                    81:f9:d7:0e:e3:aa:f7:8e:a4:77:62:67:92:2f:b9:
                    9f:92:b3:32:25:42:9c:5e:30:6e:21:06:d4:6e:e3:
                    83:31:47:b9:07:59:58:c0:0b:ff:05:69:8c:2a:b6:
                    c8:39:52:77:a7:3c:6d:d7:e9:ff:ba:d7:26:cf:2e:
                    39:af:cc:59:7d:f1:f9:99:cb:d3:d1:75:3f:34:d1:
                    31:42:49:8c:8f:05:72:05:0f:64:4c:70:7e:5a:f4:
                    cf:57:16:d5:8d:7f:ff:6a:4f:77:fd:72:60:b2:76:
                    db:ff:4f:94:dc:5f:19:35:e7:92:d3:b4:3c:0f:d8:
                    77:09:6d:25:a0:03:32:0e:fe:8f:09:99:72:ce:01:
                    e4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                51:0A:C3:90:85:52:C6:55:94:AB:91:AE:B5:8D:D5:A6:B9:2D:1E:3F
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:zabbix.tigstecnologia.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 25 15:22:39.719 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:11:11:0D:80:CA:70:D1:74:66:CB:F8:52:
                                E0:BC:BB:60:B8:DD:6C:AE:58:7F:CD:7E:71:41:79:CB:
                                A1:5B:AC:A7:02:20:43:EE:FE:17:64:87:0C:12:32:FF:
                                FD:43:F4:B0:56:1D:A3:F2:1E:A7:D8:CC:D4:E4:B1:A6:
                                50:AF:63:E9:85:C6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 25 15:22:39.707 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0D:E1:D0:F8:0F:E9:04:AD:FE:29:B5:31:
                                75:30:F5:DB:E1:DA:90:C0:AD:E3:0B:C9:40:49:5F:2E:
                                15:62:3C:F1:02:21:00:A5:B8:22:3D:9D:DB:6C:CC:EB:
                                D3:C2:8A:66:E3:0A:72:73:8C:11:30:64:4C:FF:7C:A2:
                                44:06:49:83:C4:0D:0C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a1:ce:56:12:83:e1:3d:9e:10:11:9f:a0:7b:b9:4a:3c:d8:d4:
        f1:c9:af:b4:ec:97:a2:b3:70:23:b0:a9:e2:79:77:46:c5:c0:
        de:42:f1:45:3e:b6:9e:16:6c:07:fa:de:ae:c5:03:ba:5b:ea:
        25:d2:a9:2e:82:4b:a4:3d:91:f7:23:56:a0:1c:e0:e6:05:1f:
        68:35:70:0c:1a:b4:5d:77:7f:83:37:1e:00:e7:e3:1a:09:d1:
        b2:2a:f9:d9:e0:f6:07:6d:b6:6c:dd:26:41:a9:ca:ae:2b:68:
        7d:1e:6a:fb:41:d7:50:7f:30:9c:9b:3e:ab:1c:d9:c4:16:48:
        d9:b6:3a:24:ac:51:67:6c:4e:cf:a7:ca:c0:f1:50:42:44:38:
        b2:c2:6c:aa:2b:63:11:34:98:95:81:38:c2:6a:38:49:7b:ee:
        52:cf:78:a6:29:bc:4c:23:96:3d:41:87:f3:db:1a:48:75:0b:
        4e:e6:ea:77:6c:7b:b7:23:71:9f:23:89:cc:e2:21:27:51:d1:
        bf:cf:e9:e8:b0:23:dd:cb:87:ce:ad:95:27:82:9a:01:74:4a:
        07:7e:ba:0d:a2:70:fb:c5:0e:5f:e5:72:26:68:28:3b:aa:72:
        48:8f:0b:7c:b9:89:f4:d4:28:2f:fa:d4:b8:ba:df:86:98:8c:
        1a:4f:8c:db

174.138.89.142

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1464537652 | 2024-06-01T01:06:17.053164
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-22T17:32:58.625772
80 / tcp

nginx1.18.0

-920857849 | 2024-05-29T20:55:16.796844
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

174.138.89.142

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1464537652 | 2024-06-01T01:06:17.053164 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-22T17:32:58.625772 80 / tcp

nginx1.18.0

-920857849 | 2024-05-29T20:55:16.796844 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1464537652 | 2024-06-01T01:06:17.053164
22 / tcp

1651973090 | 2024-05-22T17:32:58.625772
80 / tcp

-920857849 | 2024-05-29T20:55:16.796844
443 / tcp