GeneralInformation

Hostnames	38.202.223.35.bc.googleusercontent.com app.uplinkfi.com
Domains	googleusercontent.com uplinkfi.com
Cloud Provider	Google
Cloud Region	us-central1
Country	United States
City	Council Bluffs
Organization	Google LLC
ISP	Google LLC
ASN	AS396982

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 81 443 3306 6379 8001 8080 33060

-21627593 | 2024-05-14T23:48:16.479382

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDCoXhNELP6IKd7D8jYHc6+qkwiFPqZOMEbhsAd8X1cyvyQ
zzjgGzGW8Tjnq6J9S2R4yrusa5vgocWM43YQjPe8QCnfZoVHitLclXn43BYpmC0up+iCLG9A/TpZ
9v8ZFODvoydxSp0wmolLtj8QoJ0fXu+1+pHRHXXQ66bp+DqKOkq5Lq3xfxj3/FWxSsahuzbDtDgA
n3kHwi1gobVyWZYhcSFYeGGyVIlg7GH1znm1NVHmdtPWsUFAn0GUkFZQJVONBOI6PXUZLVpTldYg
JNvtHxzxzsN5e4bF4r3oPXpVSszHF4pYRVp4b1B5xuPetnmIVY5+4pgDphuq4dx6DZbSRPHJ7NP4
IXSaBiU7LDF7Cuyo3ZZZWuXcTj5QpCjMliTflQU8yjv4UFxubu6qdYieflk4Gjiocciqcbm5DEco
B5WlulABT1KSXHzu21X8b1g5VTlMX19phPhJCIwXvpJaCTZe68ccCs+QU4dDRG1LGe7q7tAbnZhb
49xOeIsXopE=
Fingerprint: 49:8e:21:2d:75:1f:07:20:18:ab:8e:1e:b3:1f:bd:7b

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

597250010 | 2024-05-26T04:23:22.153580

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 26 May 2024 04:23:21 GMT
Content-Type: text/html
Content-Length: 203518
Last-Modified: Thu, 25 Jan 2024 06:07:30 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "65b1faa2-31afe"
Accept-Ranges: bytes

1651973090 | 2024-05-26T23:03:14.532630

81 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 26 May 2024 23:03:14 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 24 Jan 2024 06:17:56 GMT
Connection: keep-alive
ETag: "65b0ab94-264"
Accept-Ranges: bytes

56387974 | 2024-05-25T02:13:50.354345

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 25 May 2024 02:13:50 GMT
Content-Type: text/html
Content-Length: 2595
Last-Modified: Thu, 11 Apr 2024 19:02:18 GMT
Connection: keep-alive
ETag: "661833ba-a23"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:20:f2:c4:a0:e4:bd:bf:7f:7d:ba:de:7a:db:c6:e3:38:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 27 12:33:38 2024 GMT
            Not After : Jul 26 12:33:37 2024 GMT
        Subject: CN=app.uplinkfi.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ea:d5:a6:09:1a:91:0e:6c:91:48:c8:ef:3e:d1:
                    5c:84:3c:2a:cb:e1:75:95:b4:a1:6e:f5:40:68:8e:
                    c8:99:d6:8c:be:b5:67:d4:47:20:12:67:5c:97:da:
                    29:2f:ab:4c:3e:0f:32:8d:c3:f7:e5:d4:c0:86:4f:
                    d1:eb:ca:1d:27:5f:c7:6e:0f:e8:31:19:19:f5:8e:
                    ed:dd:65:15:c7:e1:b8:ea:e0:d2:09:0c:bd:51:d8:
                    90:c6:e3:47:77:bf:3d:92:dc:cc:c6:11:0f:a8:5c:
                    9d:3b:09:77:5d:5b:bf:be:05:2c:02:29:1a:b5:8e:
                    34:db:80:ee:2b:c9:3d:c6:9e:fe:f5:ed:9d:bc:53:
                    00:ff:f6:a2:de:fe:df:29:f2:89:e8:d7:65:25:4c:
                    f4:6c:6b:43:66:16:68:24:ae:44:4b:78:90:7c:de:
                    0a:e1:e1:fa:5c:cb:06:56:da:b6:53:97:07:c2:96:
                    01:fb:1e:55:c6:83:26:1e:b9:c5:24:0e:8b:f1:b9:
                    9c:bf:b4:9b:e6:e6:f5:10:bd:13:e3:fe:3d:ea:1f:
                    84:24:58:24:80:d4:85:db:f4:86:e5:95:34:7f:f2:
                    9a:e6:6b:83:31:82:e6:79:45:b2:08:88:cd:3e:06:
                    ae:74:45:b0:16:0b:44:08:66:29:53:ed:8c:b6:aa:
                    77:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9A:FC:5D:A2:5D:3B:1E:5C:79:CB:E0:B1:7A:C7:A4:6C:4C:70:4F:C8
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:app.uplinkfi.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 27 13:33:38.416 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:09:B0:5E:10:56:F8:D4:53:89:1D:8E:8D:
                                C1:F7:4B:12:50:45:6A:7D:A8:BA:3B:89:76:8E:64:07:
                                2D:85:62:C8:02:21:00:C9:37:F3:F6:83:D8:D4:3C:89:
                                04:91:64:D4:20:5A:10:1A:F1:82:25:71:27:BC:1B:D7:
                                96:B3:34:C0:99:3D:9B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr 27 13:33:38.489 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:18:2F:39:85:EF:C7:77:55:27:0F:30:9F:
                                A5:04:57:22:AF:43:18:1F:FF:DA:38:71:88:37:DF:1A:
                                E0:6D:C2:25:02:21:00:C5:83:6B:09:9D:AF:61:44:09:
                                36:51:3F:84:13:A0:95:9E:A1:86:B2:D2:55:9A:47:54:
                                7A:8A:5E:54:8C:90:C1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:a6:3f:3a:40:94:6a:24:34:3b:66:49:73:09:75:43:7e:e4:
        53:ac:4a:ba:ae:2d:f1:7c:83:7c:c5:a2:11:09:9b:ec:cd:c7:
        6a:ef:b1:c2:bc:a5:b1:4e:a1:a5:10:d1:e4:05:62:81:f9:cd:
        85:70:5c:ed:71:20:f7:88:96:5c:94:21:cc:79:5c:fd:55:aa:
        b2:b4:b4:88:b9:c5:f9:d7:91:dd:a1:63:b7:43:13:df:2e:d3:
        9f:ab:e9:86:75:16:1b:90:75:24:ff:4c:e6:9e:61:d0:50:67:
        d7:98:52:bd:05:26:4e:7f:e2:1b:5d:a8:c1:73:26:8b:71:62:
        c2:cb:cb:a3:9e:03:44:c5:28:11:4b:a1:c1:2b:0c:98:6e:01:
        ee:74:eb:36:42:f9:13:f2:6a:2d:4b:a3:9a:43:28:95:93:31:
        46:ea:bb:68:e4:3a:f4:f7:18:38:44:58:6d:d0:04:fb:7c:14:
        d4:64:93:d5:2f:ad:6f:2b:f3:e4:4f:84:bf:17:ac:00:65:e3:
        8e:a8:75:f2:cd:05:98:5a:98:15:ec:0e:85:4f:e5:f5:47:f3:
        ae:d9:cf:2c:7c:c9:c1:6f:b6:3a:c2:75:03:fb:ce:ce:cc:fc:
        46:1c:2d:58:c3:3c:fe:5d:26:fd:bc:39:ff:f9:58:86:94:46:
        fc:8d:4b:01

748751232 | 2024-05-28T19:33:12.905987

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.36-0ubuntu0.20.04.1
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

-1927723706 | 2024-05-22T21:02:52.300176

6379 / tcp

-NOAUTH Authentication required.

1009235027 | 2024-05-26T12:19:28.464828

8001 / tcp

HTTP/1.1 404 Not Found
Server: GoFrame HTTP Server
Trace-Id: 0812872f2c09d317c61f8058dba557d0
Date: Sun, 26 May 2024 12:19:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked

513020273 | 2024-05-24T13:55:47.929683

8080 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 682
Date: Fri, 24 May 2024 13:55:47 GMT

-795948505 | 2024-05-20T15:34:03.793276

33060 / tcp

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

35.223.202.38

Last Seen: 2024-05-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-21627593 | 2024-05-14T23:48:16.479382
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

597250010 | 2024-05-26T04:23:22.153580
80 / tcp

nginx1.18.0

1651973090 | 2024-05-26T23:03:14.532630
81 / tcp

nginx1.18.0

56387974 | 2024-05-25T02:13:50.354345
443 / tcp

nginx1.18.0

748751232 | 2024-05-28T19:33:12.905987
3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

-1927723706 | 2024-05-22T21:02:52.300176
6379 / tcp

Redis key-value store

1009235027 | 2024-05-26T12:19:28.464828
8001 / tcp

513020273 | 2024-05-24T13:55:47.929683
8080 / tcp

-795948505 | 2024-05-20T15:34:03.793276
33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

35.223.202.38

Last Seen: 2024-05-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-21627593 | 2024-05-14T23:48:16.479382 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

597250010 | 2024-05-26T04:23:22.153580 80 / tcp

nginx1.18.0

1651973090 | 2024-05-26T23:03:14.532630 81 / tcp

nginx1.18.0

56387974 | 2024-05-25T02:13:50.354345 443 / tcp

nginx1.18.0

748751232 | 2024-05-28T19:33:12.905987 3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

-1927723706 | 2024-05-22T21:02:52.300176 6379 / tcp

Redis key-value store

1009235027 | 2024-05-26T12:19:28.464828 8001 / tcp

513020273 | 2024-05-24T13:55:47.929683 8080 / tcp

-795948505 | 2024-05-20T15:34:03.793276 33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

-21627593 | 2024-05-14T23:48:16.479382
22 / tcp

597250010 | 2024-05-26T04:23:22.153580
80 / tcp

1651973090 | 2024-05-26T23:03:14.532630
81 / tcp

56387974 | 2024-05-25T02:13:50.354345
443 / tcp

748751232 | 2024-05-28T19:33:12.905987
3306 / tcp

-1927723706 | 2024-05-22T21:02:52.300176
6379 / tcp

1009235027 | 2024-05-26T12:19:28.464828
8001 / tcp

513020273 | 2024-05-24T13:55:47.929683
8080 / tcp

-795948505 | 2024-05-20T15:34:03.793276
33060 / tcp