GeneralInformation

Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

WebTechnologies

JavaScript libraries

jQuery

Miscellaneous

Popper

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-1938	7.5When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

21 22 25 80 3306 8009 8080 33060

-914442752 | 2024-05-27T22:38:17.529282

21 / tcp

220 ProFTPD Server (Debian) [::ffff:24.199.95.93]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
214-ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
214-STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
214-REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@CBM-ARCELOR-Origem-S11D
211-Features:
211-CLNT
211-EPRT
211-EPSV
211-HOST
211-LANG en-US.UTF-8;en-US
211-MDTM
211-MFF modify;UNIX.group;UNIX.mode;
211-MFMT
211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
211-REST STREAM
211-SITE COPY
211-SITE MKDIR
211-SITE RMDIR
211-SITE SYMLINK
211-SITE UTIME
211-SIZE
211-TVFS
211-UTF8
211 End

-1495656023 | 2024-05-14T21:51:15.448143

22 / tcp

SSH-2.0-OpenSSH_8.0p1 Ubuntu-6build1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCvR7P6REjk18DWZ3m5yUNZIqeBRUuEwuLCFt47oIKlq+hL
ssr8zqnZ19N5X39kWWjjWMjPXMoV+akU01GcVqGxn2R42VrhAA3VfPyM9x/LXyZoSao/lFTviJjf
Sforb8X2W99dkuKIgRwcFX2tWgUMxri19tDipdygiOxJoOLs9PMV4d/1cSTHpQh8l9S8fteGLBZP
4ntTmSPgs9ESlRia/EItLuiFMhSiq3RV8mrum9nzRRS+ux76RIhQ8MnevOlqvzlfbuipXSsfM9gy
ZyGq5F3HKKlJ3KhsHa5w7h1MDsabQRNnEDZ12cmY+VkVl0wh5FjpamezPm4gUqpewb5cLdbJyqM2
NPaM5hfYq4k6/jkWw9+KfliJC5v73ycaH+tMmiay2QNYtKZxkavWoRnWPNmDyCZ7c+xgfH6l6zBH
xjpvYznssACzYd7BGGx6hBqIoQn1r44pmZkzgMfmZ5nGmHEf7r100DakUKbLhFAPu4dQBhLpuuKg
BHuj/7SRhyU=
Fingerprint: 02:77:75:16:5e:06:bd:40:27:ec:9e:b3:4f:a4:bf:e4

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1006565600 | 2024-05-06T20:00:07.772376

25 / tcp

220 ubuntu-s-1vcpu-1gb-nyc1-01 ESMTP Postfix (Ubuntu)
250-ubuntu-s-1vcpu-1gb-nyc1-01
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:fb:4f:ff:3e:f8:0d:6f:a9:89:19:3f:d5:3a:30:88:c4:c7:49:4e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ubuntu-s-1vcpu-1gb-nyc1-01
        Validity
            Not Before: Nov 27 20:20:47 2019 GMT
            Not After : Nov 24 20:20:47 2029 GMT
        Subject: CN=ubuntu-s-1vcpu-1gb-nyc1-01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:cf:36:0e:3a:4d:5a:9e:16:9c:6e:46:fb:
                    75:6f:ef:7d:53:0d:02:c3:90:85:83:1b:4a:5c:1d:
                    82:e3:b7:46:aa:b5:b3:13:b8:e0:a9:b1:37:6c:0d:
                    6f:bc:ab:44:57:9f:20:cf:05:4e:5b:12:d5:91:86:
                    b9:91:de:57:03:02:58:20:72:77:ae:f1:ab:68:fc:
                    e5:27:88:48:34:03:71:af:e1:b3:a8:24:12:c0:87:
                    b7:6e:37:cf:fe:88:59:52:20:f4:be:d4:4e:af:5a:
                    21:27:f0:db:f9:16:b5:37:51:20:81:a5:26:9c:7b:
                    ec:09:83:b4:7a:44:27:13:00:26:53:de:58:5f:73:
                    21:ab:43:bb:80:9c:68:af:2c:ff:e4:c6:f9:f2:50:
                    01:e9:b1:fa:01:be:85:cb:b6:24:f7:65:5b:6f:ec:
                    80:d8:91:7d:37:17:85:43:32:16:4a:78:8a:5e:9e:
                    19:92:08:dc:4d:3c:f0:03:30:be:fd:97:79:0c:d2:
                    9c:6f:4a:59:e5:e6:60:70:57:5c:a9:92:fe:07:a4:
                    bd:b1:5e:bb:3e:93:b7:3c:7e:af:82:5b:fe:fa:55:
                    c7:67:ed:88:18:c1:cb:dc:fc:56:0c:c3:41:b2:67:
                    f2:0d:a7:bd:b0:14:38:ae:c0:b5:16:a4:74:80:36:
                    5d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ubuntu-s-1vcpu-1gb-nyc1-01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1f:fe:a5:f0:fe:74:35:78:63:bf:d4:11:cd:4d:69:cb:f5:ec:
        2e:0d:51:7c:90:17:95:53:e2:54:36:b3:40:84:a7:da:e7:fd:
        e4:d2:44:a6:b6:3e:15:06:ef:a5:4e:5e:5d:3a:6e:90:7c:c8:
        55:75:82:09:28:92:53:64:c8:51:c2:8b:60:8c:65:b5:1c:12:
        58:cc:ac:f9:29:1d:31:e5:2f:3a:35:ef:eb:cc:fb:1e:e9:21:
        10:e9:99:50:ba:ba:d0:0c:03:6e:86:65:d2:0a:b3:87:b7:f8:
        1a:a8:c0:bf:0e:e2:1b:62:e7:e8:ff:f2:e7:ef:92:af:b1:71:
        47:c3:16:ae:c1:7a:38:59:30:71:00:bd:39:3c:b5:72:e4:93:
        ac:28:27:72:16:96:38:5f:19:96:09:14:08:fb:1c:7f:d6:1f:
        09:d7:fb:03:89:c2:de:9a:9b:fa:d2:1f:01:b5:cc:c7:08:6b:
        7b:ca:e0:59:82:c7:84:36:b4:05:77:53:b4:32:22:d4:38:bd:
        ab:1b:c9:33:a3:d6:30:1e:b2:27:48:05:20:4b:f8:9f:b0:90:
        8d:a2:16:83:6f:85:ab:65:64:2f:ff:7a:75:bd:20:18:0b:c7:
        95:05:f1:30:de:92:0c:0d:5e:2c:d4:67:9a:dc:21:54:ad:0a:
        4d:46:9a:7d

1691111551 | 2024-06-01T12:17:11.746800

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 01 Jun 2024 12:17:11 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjM1anB1NlwvQjB5TzdJc2ZhcWpYV2hBPT0iLCJ2YWx1ZSI6IkpGWlRjUGRZNFdyNmZZNGszSTlnRzd4VFdrZDM4VHh2NnJVM0VXWlZENDBjODZDR1JwSHNjS3lPTFpiaVJDc0ciLCJtYWMiOiI1NjdjMmQwNGQzYzQyMTllODc0ODExOTA4Yjk5Mjk5NzA3NjE2MTAzY2IzZGEyYWU3MzNkMGJkMDIwYzliOGQ4In0%3D; expires=Sat, 01-Jun-2024 14:17:11 GMT; Max-Age=7200; path=/
Set-Cookie: cel_session=eyJpdiI6Ikh4MUFBM1h6MlRrcFQ3VHJaRjFISEE9PSIsInZhbHVlIjoiYTljWWhDQmdINXY2T2lBYkY0dFI4K2FrR1RIWW5EdG5SSDJ6cERGazlWdkl3dFFpdDI1MGVwamNkU2lwRXZyciIsIm1hYyI6Ijc1OGEzYjc4MWY1OGQ0YjZlYWRiY2FiY2U5YzZmNTE2ZGE0NDBkZTgzMTBkZmE5ZTIzOGVjODc3YTY5YzhlYWMifQ%3D%3D; expires=Sat, 01-Jun-2024 14:17:11 GMT; Max-Age=7200; path=/; httponly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

234228306 | 2024-05-06T15:11:27.002872

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.20-0ubuntu0.19.10.1
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 51199
  Authentication Plugin: caching_sha2_password

2117647996 | 2024-05-29T21:26:45.675417

8009 / tcp

<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;asdadadas</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.49</h3></body></html>

-1117764704 | 2024-05-31T16:28:22.887534

8080 / tcp

HTTP/1.1 200 
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 31 May 2024 16:28:22 GMT

-795948505 | 2024-05-28T01:27:03.861572

33060 / tcp

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

24.199.95.93

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-914442752 | 2024-05-27T22:38:17.529282
21 / tcp

-1495656023 | 2024-05-14T21:51:15.448143
22 / tcp

OpenSSH8.0p1 Ubuntu-6build1

-1006565600 | 2024-05-06T20:00:07.772376
25 / tcp

Postfix smtpd

1691111551 | 2024-06-01T12:17:11.746800
80 / tcp

nginx1.16.1

234228306 | 2024-05-06T15:11:27.002872
3306 / tcp

MySQL8.0.20-0ubuntu0.19.10.1

2117647996 | 2024-05-29T21:26:45.675417
8009 / tcp

Apache Tomcat8.5.49

-1117764704 | 2024-05-31T16:28:22.887534
8080 / tcp

Apache Tomcat

-795948505 | 2024-05-28T01:27:03.861572
33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

24.199.95.93

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-914442752 | 2024-05-27T22:38:17.529282 21 / tcp

-1495656023 | 2024-05-14T21:51:15.448143 22 / tcp

OpenSSH8.0p1 Ubuntu-6build1

-1006565600 | 2024-05-06T20:00:07.772376 25 / tcp

Postfix smtpd

1691111551 | 2024-06-01T12:17:11.746800 80 / tcp

nginx1.16.1

234228306 | 2024-05-06T15:11:27.002872 3306 / tcp

MySQL8.0.20-0ubuntu0.19.10.1

2117647996 | 2024-05-29T21:26:45.675417 8009 / tcp

Apache Tomcat8.5.49

-1117764704 | 2024-05-31T16:28:22.887534 8080 / tcp

Apache Tomcat

-795948505 | 2024-05-28T01:27:03.861572 33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

-914442752 | 2024-05-27T22:38:17.529282
21 / tcp

-1495656023 | 2024-05-14T21:51:15.448143
22 / tcp

-1006565600 | 2024-05-06T20:00:07.772376
25 / tcp

1691111551 | 2024-06-01T12:17:11.746800
80 / tcp

234228306 | 2024-05-06T15:11:27.002872
3306 / tcp

2117647996 | 2024-05-29T21:26:45.675417
8009 / tcp

-1117764704 | 2024-05-31T16:28:22.887534
8080 / tcp

-795948505 | 2024-05-28T01:27:03.861572
33060 / tcp