GeneralInformation

Hostnames	necesitaria.es api.necesitaria.es www.necesitaria.es
Domains	necesitaria.es
Cloud Provider	DigitalOcean
Cloud Region	nl-nh
Country	Netherlands
City	Amsterdam
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3306

2000411596 | 2024-04-20T13:48:16.958910

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDdkINc+9xu0PlAyN1ZYBcxJrlzqDoOlmx3VJrmx5mjNKtN
2tqUolUROy7SQ2pEntI7Q37xanGlCnUViErdVxNEns/g2ploE8vPsa1wkjATggl/ObWnHBPYERrZ
2df7XRPYYL1kCXogLEpXLF/SDxZkgQM5oNpR4y7+AcPusdyCnVNILkhGDKmGqzBEsjX4b9/j+Uuk
vhIHT36LyuoffVAhsSQA8hOXJeAQy6pWopHznaxZZiFxqhyxYA7Gn37DVQffQ96TwuG4YiVPoZ1G
uByVfaQ3KukHHLSOEj58+kFlGTdJpaovjevkEe3ezjWMZrQnpJBzm5+IV750rWZiaXV8gKmlOvyQ
bqp/T4qyJHR+cdv4BaSwKk/tEOxzQy0PrGby1os40VYgi3nSz+lFb5ZkLbnhwtT4kuG7DeAi+EgJ
8bI5Bo/lgRBZFXVE9IRtmZU6H02dEWqTtq0Be1NKVxtH8XoXhr5Ofq6FQA1XqXslSMfG572E9x2s
jaGpdFfgvS8=
Fingerprint: 92:91:23:34:38:73:54:cd:9c:9d:18:db:fe:72:6f:8f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-20T07:34:58.992920

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 20 Apr 2024 07:34:58 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 16 Nov 2022 06:46:58 GMT
Connection: keep-alive
ETag: "63748762-264"
Accept-Ranges: bytes

-1289913143 | 2024-04-20T13:02:01.676781

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 20 Apr 2024 13:02:01 GMT
Content-Type: application/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2e:45:95:79:15:1c:f4:a0:56:61:c7:4a:e6:87:a6:64:82
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  9 15:51:44 2024 GMT
            Not After : Jul  8 15:51:43 2024 GMT
        Subject: CN=necesitaria.es
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e1:43:60:90:ae:6f:b0:48:88:40:fb:c2:5a:3a:
                    7c:5b:ec:1b:6b:0a:5f:4f:ac:4b:b5:79:16:b4:e8:
                    f9:be:bd:bc:28:94:e5:d6:7f:9a:3f:98:36:37:5b:
                    4a:5a:cd:dd:5f:1b:74:b2:f8:28:bf:5d:33:3f:2a:
                    3c:c9:6a:b4:3a:f5:b3:98:0d:6f:61:a7:d4:44:c7:
                    5a:12:2f:eb:34:68:3a:6d:fa:37:02:03:88:92:70:
                    2a:e0:6e:ec:02:cf:00:70:d3:35:db:0d:d2:27:5c:
                    b5:b6:d5:37:e1:77:0b:85:ed:80:c3:36:47:5b:bf:
                    4f:dd:cc:a5:87:da:60:61:9b:f5:17:a6:61:df:34:
                    cd:3e:67:b4:62:76:1e:ec:da:dc:f0:c1:51:fa:30:
                    24:71:26:8a:1c:52:03:7a:b9:c0:3f:d2:e9:72:c7:
                    d6:e5:c4:c7:16:aa:76:02:02:86:6c:1e:54:15:fc:
                    5b:8d:52:a9:8c:09:0d:7f:72:3e:10:5c:e7:b2:0d:
                    be:d1:a0:d1:75:53:bc:91:b5:b1:e0:49:41:d3:bd:
                    d1:2b:0a:31:2c:c2:1d:2d:b0:d7:90:e1:61:d6:a5:
                    4b:b4:c3:92:8f:fc:9f:ec:ac:3c:8b:72:09:c8:94:
                    d2:47:21:50:85:bb:3b:a2:09:86:15:d3:eb:90:73:
                    13:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                05:79:85:EF:88:C7:03:39:3A:39:DE:0E:7E:73:A4:95:4C:1C:66:5F
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.necesitaria.es, DNS:necesitaria.es, DNS:www.necesitaria.es
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr  9 16:51:44.479 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:85:D8:B7:54:3F:49:1E:12:43:F4:49:
                                66:70:F8:40:0D:4F:C2:53:56:CD:57:F6:06:44:3B:BE:
                                F7:F0:86:3E:41:02:20:24:EA:E8:46:33:C1:C6:49:6A:
                                7A:1B:2B:6A:21:1D:09:A3:97:BB:8D:82:B2:8D:39:04:
                                9E:AC:16:55:0B:61:76
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr  9 16:51:44.679 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8B:09:3E:0C:B4:14:A3:A4:29:B3:22:
                                D6:CA:26:F0:AE:2C:2E:26:EF:FA:CB:55:33:20:8E:0C:
                                E3:9C:88:B1:8F:02:21:00:A7:B2:C3:88:9F:DE:B9:DC:
                                63:7B:88:2D:F4:6F:5B:95:18:A0:09:57:E6:52:84:19:
                                64:8B:04:D7:22:72:5C:A2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        13:0e:47:a3:a0:9d:91:90:33:69:ad:37:11:12:53:12:d8:3d:
        06:d5:87:5e:b9:b4:61:13:a3:c2:41:e5:86:21:6d:79:34:f8:
        40:89:44:02:3c:9d:10:b9:2c:9a:59:f6:10:ba:d4:21:17:3b:
        6a:55:27:7c:8a:e4:07:45:50:25:26:f5:97:fa:e2:c6:4c:0c:
        08:71:e9:b8:09:e1:a7:2c:1d:66:db:8c:20:45:de:04:da:d3:
        5e:19:f9:68:87:17:26:26:68:98:7a:ec:7a:05:a1:a4:4a:22:
        ae:c6:b5:ba:ce:05:c2:1b:1b:df:bd:e3:eb:d6:24:5c:b7:76:
        22:3b:04:33:0d:f9:a6:ba:01:40:eb:83:25:82:57:4b:2e:84:
        34:dc:b6:04:ac:a5:99:88:e4:4d:70:af:b3:7c:5d:f0:b2:34:
        d1:2e:1a:5d:0d:33:b7:93:28:08:48:60:e5:ce:e6:2d:a7:c1:
        f6:5d:54:e7:48:bf:49:c2:3c:89:35:4c:14:ad:c4:ef:cf:4c:
        4f:10:40:45:aa:b9:56:51:31:59:a4:8a:06:c4:26:19:7b:0b:
        90:cf:69:e5:5e:ff:41:7e:e3:6d:f0:c4:78:49:e0:9f:80:cd:
        5f:0d:2e:f7:32:cc:76:25:f0:38:1e:6b:fe:9d:45:b6:14:cc:
        e8:1d:8f:10

-928723648 | 2024-04-20T02:40:35.478280

3306 / tcp

MySQL:
  Error Message: Host '224.131.179.63' is not allowed to connect to this MySQL server
  Error Code: 1130

64.227.68.209

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2000411596 | 2024-04-20T13:48:16.958910
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-20T07:34:58.992920
80 / tcp

nginx1.18.0

-1289913143 | 2024-04-20T13:02:01.676781
443 / tcp

nginx1.18.0

-928723648 | 2024-04-20T02:40:35.478280
3306 / tcp

MySQL

Products

Pricing

Contact Us

64.227.68.209

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2000411596 | 2024-04-20T13:48:16.958910 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-20T07:34:58.992920 80 / tcp

nginx1.18.0

-1289913143 | 2024-04-20T13:02:01.676781 443 / tcp

nginx1.18.0

-928723648 | 2024-04-20T02:40:35.478280 3306 / tcp

MySQL

Products

Pricing

Contact Us

2000411596 | 2024-04-20T13:48:16.958910
22 / tcp

1651973090 | 2024-04-20T07:34:58.992920
80 / tcp

-1289913143 | 2024-04-20T13:02:01.676781
443 / tcp

-928723648 | 2024-04-20T02:40:35.478280
3306 / tcp