GeneralInformation

Hostnames	7.thub.lol
Domains	thub.lol
Country	United States
City	Las Vegas
Organization	FranTech Solutions
ISP	FranTech Solutions
ASN	AS53667
Operating System	Debian

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 22 80 443

-1148265699 | 2024-04-08T06:39:00.323909

21 / tcp

220 ProFTPD Server (Debian) [209.141.49.176]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO    RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
 ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
 STOR    STOU    APPE    REST    ABOR    RANG    USER    PASS    
 ACCT*   REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@localhost
211-Features:
 CLNT
 EPRT
 EPSV
 HOST
 LANG en-US*
 MDTM
 MFF modify;UNIX.group;UNIX.mode;
 MFMT
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
 RANG STREAM
 REST STREAM
 SITE COPY
 SITE MKDIR
 SITE RMDIR
 SITE SYMLINK
 SITE UTIME
 SIZE
 TVFS
 UTF8
211 End

-1653535722 | 2024-04-14T11:47:16.036017

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDNaWjhNDsERcnrMBygBV1xgllefXnzJ09IvfRzwr+onXFP
LJT/lwzdiDMDCkt3B8IgZXimpVH2YLNvbKSddyE0aAyslXes7b48kj5tqW28R6Y3TVoBk3mcUUjH
PVKzkNp+8YBaTZKuJqZ5cnTvhmDMjWZ+SHpqSsCzmuQXWa7r1yEMHSUXbA17aGmtAtiI8fleL7xq
WRuuIRrSd5lTmZTdFfUtlFRgSlzYAp7ClJtuVKwBzyy90gWwj6/8QmP6nAJCSdlV4uzmm0gH6hz5
qqg9D4Kw89cJaQl2Na2LHttJic0VUSfSiI8LaSuhbdHRxyI8HKnyQe9WAjkvz7p+XUGqzs36wEjU
mXAcVQ2RL7m4hQeTJgQJXYnEyU62OBJk616r9/yoWl2Cyc/XHmOC5TtRi50lxJoWnse9c+0qOLc9
0bvL3Kkos/pZGxuQ2UlxECuZ6QyiuGN76OArw8d21SuNwbAlgX/EbwhMgXJf20yBxs0OknyHWgR4
UMJw7pcoTfU=
Fingerprint: 18:f7:18:cc:de:6c:02:2a:a4:b0:7f:83:7e:c3:05:37

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-04-13T07:41:40.827220

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 13 Apr 2024 07:41:40 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://7.thub.lol/

-2098053163 | 2024-04-12T09:38:08.533550

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Fri, 12 Apr 2024 09:38:08 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2c:5b:d6:86:d8:31:cb:ba:0a:04:dd:e1:c1:8f:04:25:16
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 22 20:29:02 2024 GMT
            Not After : Jun 20 20:29:01 2024 GMT
        Subject: CN=7.thub.lol
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a9:7d:8b:9c:32:ac:6f:55:08:7a:a6:a4:6e:72:
                    65:8d:6a:48:17:e2:75:b1:40:b6:c0:2f:4a:67:c0:
                    45:d0:49:0d:08:ab:94:f3:bd:44:d1:20:bf:68:41:
                    16:12:b1:2b:fa:4f:70:80:ef:d1:17:f9:07:36:7e:
                    63:9b:11:4d:64:0f:0f:5f:c0:05:45:ba:f3:c7:88:
                    ef:a4:19:90:8b:48:88:1f:30:79:0e:8e:85:bc:62:
                    1f:10:cf:9f:87:62:22:4d:39:09:9e:04:2f:e1:79:
                    3e:cd:03:ac:77:ee:09:02:94:e4:53:d4:18:60:8a:
                    d4:2b:b6:50:51:06:da:75:39:e4:72:20:02:05:ba:
                    f0:38:d0:ad:a3:b0:5b:e0:21:2f:38:a8:96:08:98:
                    50:f5:f4:c8:56:07:a9:e6:51:56:d2:0f:24:fa:a4:
                    ec:b7:40:61:68:c2:ec:e0:1f:fd:ce:9f:6d:f5:58:
                    2e:07:9e:4c:4c:a1:0b:51:84:11:69:7a:8c:99:4e:
                    85:61:73:62:70:2e:95:c8:e8:89:34:76:f3:d0:b7:
                    04:17:50:c0:a2:b9:09:7b:5c:eb:ca:c1:b6:e4:68:
                    59:d5:13:cc:62:cd:2d:a9:ce:81:a6:0e:ea:df:f3:
                    88:b1:1a:90:d1:80:cd:fb:15:4f:e0:54:9d:35:4f:
                    69:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FD:98:BA:73:FC:FD:D5:80:F0:6B:EB:85:5A:74:07:37:E6:91:71:9C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:7.thub.lol
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 22 21:29:03.039 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D8:AE:E4:6E:B6:DD:D4:97:33:99:CC:
                                65:9A:39:94:80:83:3E:03:D9:9D:8F:AD:39:55:8E:30:
                                04:75:10:25:E6:02:20:09:A7:2D:91:E1:EB:D9:B3:22:
                                1E:84:52:16:7F:C3:3E:19:F7:43:BE:75:95:94:16:C2:
                                B5:2D:6E:B1:E7:1D:70
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 22 21:29:03.108 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C1:DD:BC:52:68:7C:A0:9E:CA:07:7E:
                                FD:D1:14:CB:1F:AD:5A:F2:CC:3F:1F:D4:63:9A:13:AE:
                                64:B2:9D:88:13:02:20:30:C9:34:49:8A:3B:B6:6E:8B:
                                7A:72:B5:E6:E1:7E:68:52:8F:05:F0:DF:91:56:A6:E3:
                                65:3E:81:4A:6F:B7:EF
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        17:04:b1:32:a8:ca:61:1e:02:f4:5a:7d:ba:4d:ec:da:8c:5a:
        60:e8:f6:6a:05:f2:76:e1:5d:d3:4c:83:3d:15:49:ba:57:f1:
        d2:51:91:89:ed:bc:21:85:b5:76:cf:40:fe:b1:d2:be:ae:7e:
        df:67:fc:d3:32:ef:25:79:ad:0d:40:75:6c:cb:97:98:3f:5d:
        5a:f5:a0:7c:7a:8b:46:b4:ec:b3:15:31:37:28:46:c2:8b:d6:
        b6:90:27:cc:27:ec:cd:dc:0c:55:09:3e:80:ce:b9:ed:41:9a:
        62:76:7f:f3:fc:b6:dd:8e:57:f2:ec:99:b8:16:0c:2b:26:58:
        e3:96:4c:98:b5:c5:89:41:8e:b4:06:fb:c9:36:bd:8a:68:ad:
        fc:ff:1d:1b:51:09:6b:5f:34:d8:8a:15:1c:5d:df:f0:da:62:
        19:7c:42:bb:e3:4f:26:b3:65:61:f8:7e:37:14:4f:2c:76:8c:
        d6:f0:8b:18:62:d7:a3:58:a9:0d:49:25:de:72:b0:4e:d1:09:
        10:b2:7c:31:36:7f:37:66:e9:22:2c:1a:b7:23:5c:e9:4c:be:
        28:f4:75:53:2c:c4:db:52:a5:cb:aa:78:41:bb:9e:c5:4e:a9:
        e6:5a:8d:87:d2:93:46:62:27:05:08:67:93:f9:db:c9:d6:43:
        36:4d:e6:26

209.141.49.176

Last Seen: 2024-04-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1148265699 | 2024-04-08T06:39:00.323909
21 / tcp

-1653535722 | 2024-04-14T11:47:16.036017
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

1584412971 | 2024-04-13T07:41:40.827220
80 / tcp

nginx1.18.0

-2098053163 | 2024-04-12T09:38:08.533550
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

209.141.49.176

Last Seen: 2024-04-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1148265699 | 2024-04-08T06:39:00.323909 21 / tcp

-1653535722 | 2024-04-14T11:47:16.036017 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

1584412971 | 2024-04-13T07:41:40.827220 80 / tcp

nginx1.18.0

-2098053163 | 2024-04-12T09:38:08.533550 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1148265699 | 2024-04-08T06:39:00.323909
21 / tcp

-1653535722 | 2024-04-14T11:47:16.036017
22 / tcp

1584412971 | 2024-04-13T07:41:40.827220
80 / tcp

-2098053163 | 2024-04-12T09:38:08.533550
443 / tcp