GeneralInformation

Hostnames	ads.adsterra.com
Domains	adsterra.com
Country	United States
City	Ashburn
Organization	Advanced Hosters B.V.
ISP	DataWeb Global Group B.V.
ASN	AS39572

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 123 443 9100

-669538572 | 2024-05-21T16:59:19.031625

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.5
Date: Tue, 21 May 2024 16:59:18 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://google.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Cache-Control: max-age=0, private, no-cache
Pragma: no-cache

-2037328890 | 2024-05-23T12:05:02.234724

123 / udp

NTP
protocolversion: 3
stratum: 0
leap: 3
precision: 0
rootdelay: 0.0
rootdisp: 0.0
refid: 1380013125
reftime: 0.0
poll: 3

-669538572 | 2024-05-22T21:54:21.876959

443 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.5
Date: Wed, 22 May 2024 21:54:21 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://your.adsterra.com/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Cache-Control: max-age=0, private, no-cache
Pragma: no-cache

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:40:3c:d2:d0:69:f1:92:b8:39:cb:ac:e6:e5:3c:89:2b:37
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 26 19:45:14 2024 GMT
            Not After : Jun 24 19:45:13 2024 GMT
        Subject: CN=ads.adsterra.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:9b:cf:1d:7d:aa:a9:bd:7d:7b:41:0b:a6:e0:
                    1f:6c:4b:7a:d4:ca:71:2b:12:66:cd:bd:56:ec:95:
                    cb:4d:81:4a:cd:e9:d2:57:33:a6:bc:65:53:fd:ea:
                    ff:f1:66:3e:12:a0:6a:d9:5b:a7:52:26:34:d4:ef:
                    6f:b3:8b:e3:cb:56:3c:0a:d8:5a:08:f3:3d:6a:23:
                    9a:05:7c:9f:73:01:82:69:9e:49:40:7f:86:ef:53:
                    b9:bd:d0:49:b0:66:1f:87:bf:14:58:57:b9:10:2e:
                    12:87:52:c1:b1:26:b6:16:b6:8c:5b:ec:6e:59:75:
                    72:0b:2f:04:58:14:23:8f:ab:44:27:49:4c:d1:ff:
                    41:d6:de:d6:a2:9a:fc:87:50:d9:5d:61:0f:f0:ea:
                    c5:1e:f3:a4:26:52:bb:1d:2e:d8:e5:b9:f8:e1:ee:
                    88:e6:9d:a9:03:f8:f9:05:6e:59:e7:eb:35:43:f0:
                    db:2f:c6:01:ec:04:ff:e2:98:c2:7b:23:62:db:b5:
                    bc:af:4f:bc:8c:a0:9f:ad:fa:bb:71:44:d4:91:54:
                    16:99:3e:81:22:7c:7d:e8:7a:b1:e5:3c:f0:b1:b1:
                    83:5f:46:82:d3:e1:85:12:9f:f2:6f:5e:b4:68:cc:
                    4f:dc:ef:6d:4b:90:78:d9:3a:47:d1:b0:ab:32:ca:
                    fb:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                47:B7:F1:F9:54:5E:57:E5:0A:B6:B5:F0:72:6B:0D:35:BA:1D:6D:96
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.ads.adsterra.com, DNS:ads.adsterra.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 26 20:45:14.299 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:40:B9:E9:55:D8:9A:8C:CA:12:13:91:F1:
                                C9:80:B8:FB:58:A5:DC:9D:9C:0C:E9:29:59:C9:D3:5C:
                                DA:43:9C:8F:02:20:54:19:A1:C7:A8:EF:EB:B2:FB:57:
                                96:DC:E4:84:6D:A6:04:84:A8:5A:4D:E1:81:42:35:C1:
                                5F:C4:A4:CF:FA:BA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 26 20:45:14.318 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F5:24:21:35:8B:87:7C:70:DF:A5:28:
                                4A:0A:D1:00:6B:86:BF:69:C7:14:6E:66:4A:27:DA:C1:
                                C2:A8:79:7B:33:02:20:6C:3A:EC:DE:2E:95:25:82:FB:
                                A1:D6:91:CB:7E:1C:69:F2:A8:A1:75:86:55:50:8E:9C:
                                61:CF:59:BA:99:3F:DE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4b:f9:a2:44:ae:c9:e3:83:16:f6:b3:91:63:c4:b7:e5:cf:c1:
        90:8d:3d:bb:1a:db:c9:9e:0d:f7:3d:9c:bf:d9:ff:05:6a:83:
        8e:19:87:8b:0f:b9:28:22:8f:30:f0:77:99:7a:ce:54:de:6c:
        58:33:be:98:58:5c:5f:02:ee:25:a1:fc:da:cc:33:88:64:b0:
        0e:b1:c9:fe:62:16:4f:d4:45:f5:be:80:c6:17:b9:74:d7:ad:
        ae:f4:ef:91:68:5f:fc:ec:bf:51:70:66:32:e3:ac:22:2e:be:
        b4:51:8b:15:45:da:1f:1b:95:07:7c:a8:ba:74:ed:6a:71:f1:
        40:8c:5e:00:01:fb:17:92:55:2d:18:45:94:4f:06:30:1b:64:
        ff:e9:a1:36:0d:2a:e5:30:36:d6:8f:58:d7:fa:9d:37:87:4e:
        52:81:4f:84:5c:87:60:42:a8:1d:d8:32:03:46:b5:16:f4:87:
        c5:d6:b2:59:d6:f7:13:2f:b2:18:ae:e4:f6:50:4a:6d:5e:52:
        f9:9d:20:2d:27:0d:f1:cb:9f:64:8a:13:0c:6a:a9:0f:ce:56:
        80:c4:79:67:0e:1f:f6:fe:98:ae:57:01:16:9d:db:24:7f:f7:
        17:71:d4:37:a7:31:2b:6f:70:bf:40:22:d6:07:83:94:1f:2e:
        ab:bf:dd:6a

755827363 | 2024-05-18T08:53:16.027069

9100 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request
Prometheus Node Exporter:
  node_exporter_build_info:
    branch: HEAD
    goversion: go1.17.3
    revision: a2321e7b940ddcff26873612bccdf7cd4c42b6b6
    version: 1.3.1
  node_os_info:
    id: debian
    name: Debian GNU/Linux
    pretty_name: Debian GNU/Linux 9 (stretch)
    version: 9 (stretch)
    version_codename: stretch
    version_id: 9
  node_uname_info:
    domainname: (none)
    machine: x86_64
    nodename: washington-balancer4
    release: 4.9.0-19-amd64
    sysname: Linux
    version: #1 SMP Debian 4.9.320-2 (2022-06-30)
  node_dmi_info:
    bios_date: 10/16/2019
    bios_vendor: American Megatrends Inc.
    bios_version: 3.2
    board_asset_tag: To be filled by O.E.M.
    board_name: X11DDW-L
    board_vendor: Supermicro
    board_version: 1.11
    chassis_asset_tag: To be filled by O.E.M.
    chassis_vendor: Supermicro
    chassis_version: 0123456789
    product_name: Super Server
    product_version: 0123456789
    system_vendor: Supermicro
  node_network_info:
    veth3c1cc38:
      address: 92:15:d6:5f:73:88
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth3c1cc38
      duplex: full
      operstate: up
    docker0:
      address: 02:42:ef:5c:74:6d
      broadcast: ff:ff:ff:ff:ff:ff
      device: docker0
      operstate: up
    veth8ea5477:
      address: fa:42:8c:34:ad:10
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth8ea5477
      duplex: full
      operstate: up
    lo:
      address: 00:00:00:00:00:00
      broadcast: 00:00:00:00:00:00
      device: lo
      operstate: unknown
    veth632dbf2:
      address: 02:26:b0:c3:20:e4
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth632dbf2
      duplex: full
      operstate: up
    br-e1ad0f260bac:
      address: 02:42:6c:7e:25:46
      broadcast: ff:ff:ff:ff:ff:ff
      device: br-e1ad0f260bac
      operstate: up
    vethe09fc82:
      address: 6a:fe:c7:43:d2:4e
      broadcast: ff:ff:ff:ff:ff:ff
      device: vethe09fc82
      duplex: full
      operstate: up
    veth9af5e36:
      address: 46:d4:ca:1c:ef:ea
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth9af5e36
      duplex: full
      operstate: up
    veth91900be:
      address: 9a:8d:58:53:ee:b1
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth91900be
      duplex: full
      operstate: up
    br-dc2f46898b14:
      address: 02:42:c6:b8:38:24
      broadcast: ff:ff:ff:ff:ff:ff
      device: br-dc2f46898b14
      operstate: up
    vethfb89f9d:
      address: c6:27:7b:03:24:fd
      broadcast: ff:ff:ff:ff:ff:ff
      device: vethfb89f9d
      duplex: full
      operstate: up
    vethb4009db:
      address: 12:0f:32:a7:d2:c0
      broadcast: ff:ff:ff:ff:ff:ff
      device: vethb4009db
      duplex: full
      operstate: up
    eth3:
      address: 3c:fd:fe:cd:e8:e5
      broadcast: ff:ff:ff:ff:ff:ff
      device: eth3
      duplex: full
      operstate: up
    eth2:
      address: 3c:fd:fe:cd:e8:e4
      broadcast: ff:ff:ff:ff:ff:ff
      device: eth2
      duplex: full
      operstate: up
    eth1:
      address: ac:1f:6b:c4:2d:89
      broadcast: ff:ff:ff:ff:ff:ff
      device: eth1
      operstate: down
    eth0:
      address: ac:1f:6b:c4:2d:88
      broadcast: ff:ff:ff:ff:ff:ff
      device: eth0
      operstate: down

MAC Addresses

3C:FD:FE:CD:E8:E4
    OUI: 3C:FD:FE
    Organization: Intel Corporate
    Assignment: MA-L
    Registration Date: 2014-10-30
3C:FD:FE:CD:E8:E5
    OUI: 3C:FD:FE
    Organization: Intel Corporate
    Assignment: MA-L
    Registration Date: 2014-10-30
AC:1F:6B:C4:2D:88
    OUI: AC:1F:6B
    Organization: Super Micro Computer, Inc.
    Assignment: MA-L
    Registration Date: 2016-08-23
AC:1F:6B:C4:2D:89
    OUI: AC:1F:6B
    Organization: Super Micro Computer, Inc.
    Assignment: MA-L
    Registration Date: 2016-08-23

213.174.151.99

Last Seen: 2024-05-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-669538572 | 2024-05-21T16:59:19.031625
80 / tcp

nginx1.19.5

-2037328890 | 2024-05-23T12:05:02.234724
123 / udp

-669538572 | 2024-05-22T21:54:21.876959
443 / tcp

nginx1.19.5

755827363 | 2024-05-18T08:53:16.027069
9100 / tcp

Prometheus Node Exporter1.3.1

Products

Pricing

Contact Us

213.174.151.99

Last Seen: 2024-05-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-669538572 | 2024-05-21T16:59:19.031625 80 / tcp

nginx1.19.5

-2037328890 | 2024-05-23T12:05:02.234724 123 / udp

-669538572 | 2024-05-22T21:54:21.876959 443 / tcp

nginx1.19.5

755827363 | 2024-05-18T08:53:16.027069 9100 / tcp

Prometheus Node Exporter1.3.1

Products

Pricing

Contact Us

-669538572 | 2024-05-21T16:59:19.031625
80 / tcp

-2037328890 | 2024-05-23T12:05:02.234724
123 / udp

-669538572 | 2024-05-22T21:54:21.876959
443 / tcp

755827363 | 2024-05-18T08:53:16.027069
9100 / tcp