GeneralInformation

Hostnames	labelplug.co api.labelplug.co
Domains	labelplug.co
Country	Netherlands
City	Eindhoven
Organization	IP Connect Inc
ISP	IP Connect Inc
ASN	AS213373
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000 5000

336248565 | 2024-04-29T12:50:15.915282

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDpHEOTeVDyOTzejbQ1L2Eqh2DMZVhcE5FMwlSo/E+20Anf
AqzLTMxuNufgx1y6en5rxE/Op2ZSYCNwKVUkyhkteWB4SichWo8M4Hj7tKq3dJWHxypmWHFXWGiZ
anu5YR3Am/+USXFOn719OLUD1OVmJyfv9NWVY2Q5GIivUjqoAee4PaEw11BHb3ZbhA8m1XdDMlMZ
lTuDxFXV/stIcnd/ROenUZLmChTdMU5Lb2SDCcU+J9zqR8h1AtAM3aodS7lK6p4TmG3zRC2Kl8bf
7KOjtDh/2bmJeXBENczt9TxOmPUOPop2E96GzTURQLpwUUB5zaWykx6gY4ufYRgjKMFpU8oYWn8U
OVqY6wQHVvGt5OioXA7bzfn7w3BIXty4H3BpMO34GlfKmHWUGRa1xutv64Q1ugESxQQrO0Yi72Dz
z0Ntgmi0nz3O7lln2treacykDAV+BbKtYtBPLtflgKRPgrOYePWyMz+t/Fz4sjUzWIECl/mxi12/
VGCEkez4oVU=
Fingerprint: b3:1d:2e:94:49:6a:ea:50:66:5d:72:b4:71:aa:e2:27

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-23T21:07:29.460483

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 23 Apr 2024 21:07:29 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Mon, 05 Feb 2024 19:33:22 GMT
Connection: keep-alive
ETag: "65c13802-264"
Accept-Ranges: bytes

-922861937 | 2024-04-27T23:24:00.160378

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 27 Apr 2024 23:24:00 GMT
Content-Type: application/json
Content-Length: 48
Connection: keep-alive
Vary: Origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c7:ec:da:b8:15:35:b0:a9:f9:a5:0e:e9:fe:bb:13:2c:e3
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  5 21:19:59 2024 GMT
            Not After : Jul  4 21:19:58 2024 GMT
        Subject: CN=labelplug.co
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:31:c0:04:f0:71:13:d7:11:35:9c:45:05:83:4b:
                    17:8c:42:4a:0c:75:06:82:02:5b:c3:5a:c7:d2:5f:
                    fb:30:86:a9:8f:79:9d:66:5d:9a:62:a6:58:1f:a4:
                    05:db:79:04:0a:b8:c3:df:5e:4d:4a:1a:46:44:e6:
                    d8:cd:12:8c:a4
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FF:61:F5:5A:00:1A:9F:CA:84:D0:C4:8E:53:26:E7:39:85:D7:46:ED
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.labelplug.co, DNS:labelplug.co
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr  5 22:19:59.258 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E8:08:FE:DA:71:F6:8F:44:B0:4A:B0:
                                C8:59:9D:52:F9:07:9B:28:1A:40:13:53:6C:B5:6B:BF:
                                BA:1E:D0:82:59:02:20:17:6C:71:99:F9:4E:A0:CB:B3:
                                5B:80:88:A8:47:C2:66:56:78:FD:6E:26:AB:5F:53:B6:
                                80:A6:78:EE:23:6C:8B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr  5 22:19:59.246 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3B:8D:61:ED:47:3B:3F:5B:15:AD:8F:14:
                                3A:DF:CC:4B:47:7D:8C:C4:6D:D8:BE:04:BB:62:AC:C4:
                                B8:7A:68:CF:02:21:00:C4:02:E4:FB:97:F6:B3:91:9E:
                                B0:24:49:B8:CB:5C:4F:E0:0C:AB:B2:8D:FD:EA:EB:E6:
                                B3:1E:EA:A6:BF:53:E1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2e:97:67:ed:b2:74:41:2e:a3:a3:9d:5e:47:d3:f0:35:18:68:
        29:b3:96:98:87:46:f3:8f:e1:09:34:0c:8b:b3:14:74:f0:2b:
        43:15:1b:ea:84:53:59:cb:e9:88:02:42:bb:ea:b2:ea:4b:5c:
        ff:fd:fa:cc:34:4d:e0:3a:da:39:1d:73:cc:e3:29:b4:7b:cf:
        28:a8:2f:a6:bf:1a:3b:6b:a7:e4:30:0a:31:dd:b1:a6:73:bc:
        f9:8e:88:61:44:8b:0c:eb:ff:7c:03:82:a6:59:7b:d8:f7:b0:
        77:3d:89:28:55:01:6a:8e:dc:27:a6:cf:94:54:eb:e3:9c:41:
        49:8d:99:69:e3:96:05:5d:8a:d5:e1:88:1b:39:22:f4:b5:35:
        ef:fa:d6:72:2e:f8:cb:2e:b5:37:5a:8f:31:6c:3d:9e:3b:8d:
        5a:9d:c3:6a:f1:18:7a:ea:50:c2:bb:fd:3c:f7:c9:e6:08:9d:
        22:65:dc:6e:58:e7:a9:01:6d:a6:19:48:9f:48:19:90:86:5a:
        09:b3:fc:f9:7f:37:9d:f4:24:f6:b9:97:30:75:c2:6d:61:f1:
        6a:23:fb:87:be:28:de:3b:af:b3:7d:1e:b4:59:11:87:f9:b8:
        b4:24:89:9f:3d:9f:08:40:25:e7:90:f7:c8:43:88:98:06:e7:
        9a:13:25:96

1743461493 | 2024-04-09T22:16:43.471935

3000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Next.js
ETag: "150e532iids1di"
Content-Type: text/html; charset=utf-8
Content-Length: 1782
Vary: Accept-Encoding
Date: Tue, 09 Apr 2024 22:16:38 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-922861937 | 2024-04-20T21:59:07.200139

5000 / tcp

HTTP/1.1 404 Not Found
Content-Type: application/json
Vary: Origin
Date: Sat, 20 Apr 2024 21:59:07 GMT
Content-Length: 48

2.56.10.114

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

336248565 | 2024-04-29T12:50:15.915282
22 / tcp

OpenSSH8.9p1 Ubuntu-3

1651973090 | 2024-04-23T21:07:29.460483
80 / tcp

nginx1.18.0

-922861937 | 2024-04-27T23:24:00.160378
443 / tcp

nginx1.18.0

1743461493 | 2024-04-09T22:16:43.471935
3000 / tcp

-922861937 | 2024-04-20T21:59:07.200139
5000 / tcp

Products

Pricing

Contact Us

2.56.10.114

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

336248565 | 2024-04-29T12:50:15.915282 22 / tcp

OpenSSH8.9p1 Ubuntu-3

1651973090 | 2024-04-23T21:07:29.460483 80 / tcp

nginx1.18.0

-922861937 | 2024-04-27T23:24:00.160378 443 / tcp

nginx1.18.0

1743461493 | 2024-04-09T22:16:43.471935 3000 / tcp

-922861937 | 2024-04-20T21:59:07.200139 5000 / tcp

Products

Pricing

Contact Us

336248565 | 2024-04-29T12:50:15.915282
22 / tcp

1651973090 | 2024-04-23T21:07:29.460483
80 / tcp

-922861937 | 2024-04-27T23:24:00.160378
443 / tcp

1743461493 | 2024-04-09T22:16:43.471935
3000 / tcp

-922861937 | 2024-04-20T21:59:07.200139
5000 / tcp