GeneralInformation

Hostnames	medium1.ams2.softlation.com api.softlation.com
Domains	softlation.com
Cloud Provider	DigitalOcean
Cloud Region	nl-nh
Country	Netherlands
City	Amsterdam
Organization	Digital Ocean, Inc.
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 3306 8010 8888

-1235779361 | 2024-05-11T17:43:27.599450

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 11 May 2024 17:43:27 GMT
Content-Type: text/html
Content-Length: 867
Last-Modified: Sun, 26 Oct 2014 08:19:53 GMT
Connection: keep-alive
ETag: "544caea9-363"
Accept-Ranges: bytes

1651973090 | 2024-05-04T21:23:01.713661

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 21:23:01 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 14:09:01 GMT
Connection: keep-alive
ETag: "5e9efe7d-264"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:4b:7b:0a:c0:0b:a2:45:46:49:29:3a:f5:81:fe:6a:fb:c9
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: May 16 17:19:18 2021 GMT
            Not After : Aug 14 17:19:18 2021 GMT
        Subject: CN=api.softlation.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e8:d6:82:4a:eb:39:ad:23:54:fa:f9:f2:fd:79:
                    bc:d6:3c:f4:f6:d5:db:d3:01:1d:fb:89:26:9c:eb:
                    96:85:9c:7f:02:09:1b:64:0e:46:8b:24:11:e4:18:
                    9a:7c:bf:98:2c:88:08:72:7b:fd:89:45:29:0b:3e:
                    46:f2:15:a6:f2:4d:78:43:a1:b0:d2:df:7d:b3:39:
                    56:ab:94:d9:86:07:8f:50:b0:20:17:43:6b:ac:91:
                    d9:4a:d9:ce:83:ee:d5:c6:3e:5f:58:f8:43:a6:e0:
                    f2:2a:1c:75:c7:69:d1:a8:a4:49:e3:db:2c:7f:d9:
                    d7:d4:35:30:a9:86:a0:9a:cd:4a:21:1c:0d:03:2d:
                    04:7b:01:b5:a3:c1:47:21:e7:c1:1a:d4:94:af:f1:
                    92:95:9d:89:b8:c0:22:be:8e:0c:0e:f2:ff:a7:ae:
                    0d:1b:00:70:42:bd:c9:12:1a:d9:46:89:6b:63:8e:
                    b8:8a:d1:89:8c:87:3c:c6:1c:74:fd:2e:10:78:39:
                    00:38:21:e1:5f:73:d5:b3:0d:f0:be:9a:70:8b:52:
                    c4:ec:b4:9b:ed:d2:c4:27:17:ac:62:68:69:e2:59:
                    0b:d7:a8:b6:8c:0a:aa:5f:54:15:d3:f3:b6:c0:2c:
                    c0:08:dc:c1:9c:c9:79:dc:9e:f5:7a:1b:52:4e:ad:
                    e7:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                17:C4:FA:2A:14:7F:AD:EA:25:D7:95:EB:EF:20:6A:4C:8F:75:C6:6C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.softlation.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
                                15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
                    Timestamp : May 16 18:19:18.143 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7A:86:70:A5:5F:DC:BE:E8:55:A1:FC:97:
                                68:DA:57:F6:C8:ED:D4:9D:2A:B1:B4:E2:CD:FE:E2:64:
                                6C:52:48:8C:02:21:00:CE:11:2E:2A:C4:E4:44:CD:06:
                                74:CD:A2:12:C3:CE:F8:61:8B:29:F1:A2:1E:B5:CD:DE:
                                FC:DF:87:85:40:5B:9A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
                                E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
                    Timestamp : May 16 18:19:18.098 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F5:E3:92:1C:67:94:F1:09:28:EA:1E:
                                65:A3:68:92:A9:58:FD:BC:74:D2:15:16:33:55:E4:27:
                                9A:3F:F9:B5:6F:02:20:5B:27:7C:C0:12:E8:DB:EE:4C:
                                90:BA:22:D5:AD:3C:F3:0E:47:8D:5E:B6:A5:14:FB:DD:
                                28:F4:64:F4:B0:2A:65
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0b:8f:21:be:2c:a8:a7:63:f2:87:ee:82:08:f8:9a:0c:18:42:
        9b:a8:7e:7b:6c:5b:f9:80:45:98:76:b8:5f:4a:94:eb:22:bc:
        49:9a:e9:ca:01:e1:7f:70:af:95:bb:ac:6c:1e:3c:f9:72:11:
        42:88:50:8e:d4:b8:b3:88:2a:29:4a:02:d7:7d:13:24:5e:fa:
        5f:cb:a2:17:63:6b:cb:50:51:70:67:10:58:74:66:f0:f8:f2:
        4b:81:45:4d:55:30:3e:4f:6d:5e:8b:3b:b4:20:9b:45:ab:58:
        3e:85:89:c0:3c:c1:a7:25:2b:65:e3:9b:24:f9:38:e2:6f:be:
        15:2a:a7:23:de:2a:38:62:8f:3f:9d:30:84:0e:93:35:2e:89:
        2c:c1:80:aa:c8:fc:86:ee:67:2c:94:d0:28:33:4f:6e:93:b9:
        3b:b7:b1:f9:2f:69:d1:f6:b0:9f:3f:c2:11:46:18:74:7f:90:
        64:b7:da:b1:96:01:f2:61:82:1c:3d:34:56:2c:4c:3d:de:c8:
        ab:45:fe:94:56:6a:59:43:34:64:a0:55:41:42:1f:ab:1e:f9:
        67:65:db:7e:dd:c7:06:b6:dc:6c:1c:b3:6e:d5:96:3c:a0:bc:
        b7:82:c8:a7:39:38:6a:f9:87:59:29:9f:c4:67:4d:40:34:e3:
        c6:3e:a1:1e

1039697990 | 2024-05-06T21:52:24.469859

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.3.39-MariaDB-0ubuntu0.20.04.2-log
  Capabilities: 63486
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 33215
  Authentication Plugin: mysql_native_password

694877851 | 2024-05-13T17:35:29.755089

8010 / tcp

HTTP/1.1 302 Found
Server: nginx/1.19.6
Date: Mon, 13 May 2024 17:35:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://my.160.30:8000/
Vary: Accept-Language, Cookie
Content-Language: en-us

-379417289 | 2024-05-12T06:24:17.069842

8888 / tcp

HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Date: Sun, 12 May 2024 06:24:16 GMT
Content-Length: 30

188.226.160.30

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1235779361 | 2024-05-11T17:43:27.599450
80 / tcp

nginx1.18.0

1651973090 | 2024-05-04T21:23:01.713661
443 / tcp

nginx1.18.0

1039697990 | 2024-05-06T21:52:24.469859
3306 / tcp

MariaDB10.3.39-MariaDB-0ubuntu0.20.04.2-log

694877851 | 2024-05-13T17:35:29.755089
8010 / tcp

nginx1.19.6

-379417289 | 2024-05-12T06:24:17.069842
8888 / tcp

Products

Pricing

Contact Us

188.226.160.30

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1235779361 | 2024-05-11T17:43:27.599450 80 / tcp

nginx1.18.0

1651973090 | 2024-05-04T21:23:01.713661 443 / tcp

nginx1.18.0

1039697990 | 2024-05-06T21:52:24.469859 3306 / tcp

MariaDB10.3.39-MariaDB-0ubuntu0.20.04.2-log

694877851 | 2024-05-13T17:35:29.755089 8010 / tcp

nginx1.19.6

-379417289 | 2024-05-12T06:24:17.069842 8888 / tcp

Products

Pricing

Contact Us

-1235779361 | 2024-05-11T17:43:27.599450
80 / tcp

1651973090 | 2024-05-04T21:23:01.713661
443 / tcp

1039697990 | 2024-05-06T21:52:24.469859
3306 / tcp

694877851 | 2024-05-13T17:35:29.755089
8010 / tcp

-379417289 | 2024-05-12T06:24:17.069842
8888 / tcp