GeneralInformation

Hostnames	15.thub.lol
Domains	thub.lol
Country	United States
City	Las Vegas
Organization	FranTech Solutions
ISP	FranTech Solutions
ASN	AS53667

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 22 80 443

-859684089 | 2024-04-13T06:14:57.663157

21 / tcp

220 ProFTPD Server (Debian) [209.141.49.71]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO    RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
 ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
 STOR    STOU    APPE    REST    ABOR    RANG    USER    PASS    
 ACCT*   REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@localhost
211-Features:
 CLNT
 EPRT
 EPSV
 HOST
 LANG en-US*
 MDTM
 MFF modify;UNIX.group;UNIX.mode;
 MFMT
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
 RANG STREAM
 REST STREAM
 SITE COPY
 SITE MKDIR
 SITE RMDIR
 SITE SYMLINK
 SITE UTIME
 SIZE
 TVFS
 UTF8
211 End

2141531760 | 2024-04-11T08:54:25.458633

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDqmb8+3V0oGnsIJ4Aql5LSdo4qgKJy+SOdylyv0N/c8JOB
gmERA9oC6ZFlXcI2OqLt2D8GyUA/6wxl4artPJHEq1VV3VHyzngYrSSNoAoYcrJchVtRA5+efTFV
c656b02O641u9u+as8Grd+BtZAPMLQ+wjQ2VW8k34JXRFUtjXpfaFrEqYrs4qBYPfbt7T48l2VwH
VfJwx4WVmzrV0CAUv/O5Ie142nYOTOpRwhxOZukQqFKu45TSIepp2loPzkTE5wt5XOaULS4UEBUB
wxv9h+5cd4j5Ccrwo1wYdIxxKhGtumVRRxC7SJ80eCQVTCoZCZStD7LiOYZ2m0ZjadXzcDEn+jB5
SdcDauYz9fp31Wak9eL1Xn17r5HSVKNJa6oRi42/Dze+UrhiRws+TgoB0YgCnnQuIoKqx5sXX5vk
sYdeVmAT3EzpuaGP/Yb6A+R+JsKxS3DouR3oZcnBceSfHmP6hlkg+MgTwvPm9MHDGEXrjwmln5x/
RxT0zmONNHk=
Fingerprint: 28:96:66:d6:ef:f9:80:21:dd:22:de:8b:c4:16:4a:0d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-04-18T15:24:32.420051

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 15:24:35 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://15.thub.lol/

-2098053163 | 2024-04-18T15:24:38.680437

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 15:24:42 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:a6:4d:60:43:0d:fa:cc:f2:43:1e:88:bd:d0:38:b8:25:2e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  4 14:26:48 2024 GMT
            Not After : Jul  3 14:26:47 2024 GMT
        Subject: CN=15.thub.lol
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e1:80:66:22:fa:d7:59:8d:a1:9b:7d:23:1a:bf:
                    ff:7d:25:33:57:8b:82:a7:76:c6:77:5f:ff:39:68:
                    f6:ae:06:d8:97:f4:4e:5b:a5:9e:56:03:95:3a:08:
                    6e:2a:90:71:05:a1:b1:e4:39:c1:ba:3b:77:d8:36:
                    0c:5f:fe:ab:1b:fa:91:99:fe:1a:8d:fe:ec:64:1c:
                    00:98:6d:6c:95:9f:7e:aa:5e:11:b6:7e:95:42:11:
                    3e:cb:de:c8:98:fe:50:c2:38:a5:3c:a2:a0:76:55:
                    28:3b:bf:17:a1:67:1c:53:1f:91:26:b8:8e:fc:f6:
                    44:49:26:c8:04:82:aa:56:63:9b:32:40:a7:c3:1c:
                    1f:76:6d:b5:db:a5:47:66:fc:4c:bb:00:80:92:48:
                    6a:d6:0a:39:23:bb:86:94:49:d1:ae:3d:61:c1:5a:
                    34:a5:47:f9:00:ca:82:c4:13:51:5d:39:b5:d3:56:
                    36:02:64:63:2c:29:57:63:6d:20:af:d3:7b:6e:57:
                    71:4c:55:3d:eb:36:16:36:fb:59:8a:cc:cf:c4:8e:
                    d5:fe:08:81:ae:d2:20:15:5a:af:54:c8:03:e0:09:
                    3d:67:7f:c2:a1:1e:83:e0:c8:e9:59:99:db:25:82:
                    5f:9d:aa:b0:1e:c1:08:3c:b4:a5:b3:49:07:8d:d4:
                    d3:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                A9:DC:B7:FD:89:E0:F0:98:3C:56:94:33:15:5F:E2:24:60:20:28:AD
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:15.thub.lol
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr  4 15:26:48.642 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:3B:BA:A1:54:16:63:8B:66:52:CE:B0:86:
                                CC:EC:B3:99:31:C7:A8:6B:A0:66:BF:2D:FC:00:61:72:
                                BA:E8:99:05:02:20:15:E1:26:D0:6E:E4:88:D0:1A:7B:
                                9A:B8:AA:36:4B:B6:DB:73:BE:F7:E3:31:AC:55:FE:FA:
                                FB:F1:30:9E:1F:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr  4 15:26:48.834 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F9:B2:16:40:E4:D7:37:64:0C:6E:C3:
                                42:3C:38:49:81:CE:E6:3C:71:7A:B4:BF:54:0B:30:41:
                                4B:6D:6F:FD:9C:02:21:00:95:3D:03:27:2B:4C:7E:F9:
                                1E:3D:B9:2A:6C:FA:2E:9C:8D:EF:C3:2B:B3:DF:AA:2A:
                                7D:C7:9D:73:C9:24:E4:D0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0c:18:40:1e:11:ed:5f:0d:f6:08:71:1a:d9:bf:49:0a:96:8a:
        01:80:dd:d1:08:22:ef:de:ab:c0:eb:22:30:4f:31:a1:d0:aa:
        df:82:09:8c:7a:c1:33:57:81:7b:d3:c4:78:0d:5c:a4:76:07:
        55:4d:8b:7c:a6:d6:c2:35:c4:04:2b:fe:d7:01:e3:0b:14:de:
        d6:c8:79:19:98:01:9f:56:ce:0b:f4:a4:fa:ba:a8:71:33:a1:
        dc:7d:22:3d:12:01:5a:16:98:26:be:ff:0c:2a:99:c4:1a:91:
        c8:f1:53:bc:c4:a9:1f:ff:bd:19:f3:e1:e8:36:45:53:a2:4e:
        00:3e:42:eb:49:a4:ef:d6:27:e9:cf:23:13:cc:23:0e:e0:b7:
        80:7a:78:ed:da:61:40:d0:35:02:87:17:b2:f3:0c:d1:e7:83:
        ab:ed:b3:92:62:7b:f8:ad:a8:d0:85:dd:77:60:9d:1c:da:54:
        f7:95:c3:38:d2:3a:7a:71:67:66:a7:66:ae:5c:c5:eb:35:a5:
        af:54:48:02:63:b8:50:be:04:50:f2:1e:e9:ed:02:80:07:3d:
        76:0a:85:ed:cb:0b:d5:c2:96:f8:73:6f:8e:0e:02:fe:b7:79:
        61:fc:23:20:21:e9:37:55:fb:59:cb:63:dd:8b:8b:94:ab:ea:
        12:87:7e:40

209.141.49.71

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-859684089 | 2024-04-13T06:14:57.663157
21 / tcp

2141531760 | 2024-04-11T08:54:25.458633
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

1584412971 | 2024-04-18T15:24:32.420051
80 / tcp

nginx1.18.0

-2098053163 | 2024-04-18T15:24:38.680437
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

209.141.49.71

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-859684089 | 2024-04-13T06:14:57.663157 21 / tcp

2141531760 | 2024-04-11T08:54:25.458633 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

1584412971 | 2024-04-18T15:24:32.420051 80 / tcp

nginx1.18.0

-2098053163 | 2024-04-18T15:24:38.680437 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-859684089 | 2024-04-13T06:14:57.663157
21 / tcp

2141531760 | 2024-04-11T08:54:25.458633
22 / tcp

1584412971 | 2024-04-18T15:24:32.420051
80 / tcp

-2098053163 | 2024-04-18T15:24:38.680437
443 / tcp