GeneralInformation

Hostnames	appmontilla.com
Domains	appmontilla.com
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

JavaScript frameworks

Webix

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3306 8443

1566429866 | 2024-04-20T04:57:44.834567

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.7
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDHvk0I45TsU6tOLa3VzE7Q0Fl2kS8pMZ2xF5/zcv7Bv82t
mW4A2e5uWvBXZOaCr6BHIctn+kB7bu9JDzrHNC6paAiUFksX9hCyMe75QFD4f64BefYM1sUzSkQh
4OMdPLuftQqjW/hJZlLzY3qhfIXXCnHNBWQflCA4hzFjWvLCPyyKwShYmWkl5w4oqmK+KwjNifMU
2iLVQbsE0rcq5lnYbKy99LHrMSqmE3ziqRQpnxQJoK16ZhPI1tBch9NdAWhWhyAKQyKFmU17+7cr
XCnEHSQJethioL+7HjCjximsu7GnzMciuAmHOKY1KDYYZVAkSirVdPitW0JpIYWtD/Rj
Fingerprint: 76:0d:43:4d:98:2e:0f:85:f6:7d:4b:a5:53:df:ff:fa

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2100514759 | 2024-04-27T10:32:02.114873

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 27 Apr 2024 10:32:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://appmontilla.com/

-2000433865 | 2024-04-21T02:57:41.358950

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 21 Apr 2024 02:57:41 GMT
Content-Type: text/html
Content-Length: 2761
Last-Modified: Tue, 04 Jul 2023 15:55:06 GMT
Connection: keep-alive
ETag: "64a440da-ac9"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:83:9b:28:4e:43:9e:45:0d:19:e4:4d:c6:79:8d:55:ac:37
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Jun 20 21:30:02 2023 GMT
            Not After : Sep 18 21:30:01 2023 GMT
        Subject: CN=appmontilla.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:a8:81:cc:6c:6a:b9:1d:bc:32:08:df:fd:1d:
                    35:60:f1:d5:f4:76:8c:3c:ff:5e:86:1a:09:1d:16:
                    d4:ea:5f:92:bb:59:9c:dc:57:f9:d3:a7:78:5c:0a:
                    14:a2:3a:f3:1f:13:17:20:27:86:0c:e8:97:9e:d1:
                    2a:cb:ca:be:f2:87:64:c2:e3:98:09:cb:13:3b:ef:
                    e6:88:b0:6d:94:33:84:26:ef:bf:b3:e7:06:8b:91:
                    d9:65:7d:af:7b:43:f9:c9:c1:7d:6e:c9:18:8d:cc:
                    36:6b:ff:19:2a:d3:79:c5:ce:61:e4:65:bb:36:4b:
                    e3:f3:c3:b6:6a:4d:12:3a:e8:64:cf:6e:1a:2b:db:
                    9f:46:28:11:1d:41:f2:6d:f7:0a:dc:41:46:8a:81:
                    a0:41:e7:75:30:22:76:28:cd:55:5d:54:34:6c:bd:
                    89:10:bd:6f:01:f1:da:bf:d9:68:d5:9a:e9:eb:7e:
                    20:de:d5:00:10:e9:5e:ac:a5:0e:ef:8c:7a:f6:c0:
                    9d:35:ee:52:cc:20:89:b1:0a:ab:83:e3:a3:ac:04:
                    7a:0e:2d:0c:1a:66:c5:43:4e:8b:47:32:e0:fa:c7:
                    31:6b:8d:56:9a:1b:45:2e:1a:16:b0:20:71:79:72:
                    2c:01:d1:2d:ed:b4:26:bb:34:24:af:81:d8:29:47:
                    14:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                60:90:36:88:A6:80:EA:B8:08:B9:63:58:56:05:DF:50:E7:87:11:00
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:appmontilla.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : B7:3E:FB:24:DF:9C:4D:BA:75:F2:39:C5:BA:58:F4:6C:
                                5D:FC:42:CF:7A:9F:35:C4:9E:1D:09:81:25:ED:B4:99
                    Timestamp : Jun 20 22:30:02.259 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:62:58:A5:8A:A2:69:F0:E1:0A:FF:C7:50:
                                85:15:93:07:1A:28:A7:D0:F9:E3:44:A7:97:F9:59:47:
                                38:14:7F:F2:02:20:38:71:A7:4F:FB:4A:B9:92:A0:3B:
                                BB:AE:1F:B9:77:CF:8D:EC:DD:D6:D3:55:85:94:C3:88:
                                27:46:21:7D:14:2B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
                                16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
                    Timestamp : Jun 20 22:30:02.281 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6F:D0:97:37:AA:19:DF:D4:69:3E:F4:8D:
                                09:53:2D:9B:05:37:BE:F1:F3:53:3D:11:2B:BC:B3:B7:
                                A6:C1:BE:19:02:20:5D:B9:D9:E6:B4:CB:97:67:8A:6A:
                                A3:C7:C4:63:71:63:22:DC:8D:51:F1:CA:8E:48:34:BE:
                                DF:60:39:F6:F8:D8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        32:68:a6:60:7e:dc:c1:82:ef:13:ec:1e:ca:2d:83:aa:7b:bf:
        0e:5d:a9:8a:18:b0:d5:7f:06:a9:1e:00:27:ee:b6:57:a1:bd:
        ea:74:fa:c8:68:90:2c:60:ec:31:63:32:e0:27:9b:66:16:c4:
        f7:fe:8c:ae:7c:31:f1:ad:dc:b6:c8:62:c2:8c:42:47:f2:4c:
        a0:0f:42:52:e7:a1:2d:0b:d9:d4:d4:98:28:91:e6:6d:29:cf:
        73:65:6f:8b:d0:17:21:6a:5b:13:fd:cf:c6:70:9e:96:1d:1f:
        18:36:f8:c9:b8:92:e8:31:27:4f:f3:d7:c8:ea:a3:98:e2:4d:
        b2:82:ac:45:78:f6:39:59:db:0a:1c:36:90:81:ff:a1:4a:85:
        1f:e1:1c:54:96:eb:7f:14:27:9c:d7:4a:2a:c3:e1:b7:c3:ef:
        ad:23:0e:f7:d6:3e:55:9b:c2:70:6e:23:e4:cd:d8:ed:56:61:
        88:63:a5:01:54:ba:b2:08:54:b3:7a:95:16:64:b4:9e:80:c5:
        1c:70:da:61:db:78:4c:ce:af:af:d8:e6:01:92:b1:46:da:c1:
        dd:31:e9:73:3b:46:85:b0:d4:2e:f3:0b:bb:0d:cf:8f:0e:3c:
        a6:b6:75:78:5e:55:64:7e:b0:e6:eb:77:ce:16:67:8e:6d:3a:
        e5:fc:ea:85

-1541715696 | 2024-04-25T11:37:18.023901

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.4.25-MariaDB
  Capabilities: 63486
  Server Language: 45
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

-1293053572 | 2024-04-25T11:52:16.194041

8443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Thu, 25 Apr 2024 11:52:16 GMT
Content-Type: text/html
Content-Length: 2751
Connection: keep-alive
X-Frame-Options: DENY
Vary: Origin
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:83:9b:28:4e:43:9e:45:0d:19:e4:4d:c6:79:8d:55:ac:37
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Jun 20 21:30:02 2023 GMT
            Not After : Sep 18 21:30:01 2023 GMT
        Subject: CN=appmontilla.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:a8:81:cc:6c:6a:b9:1d:bc:32:08:df:fd:1d:
                    35:60:f1:d5:f4:76:8c:3c:ff:5e:86:1a:09:1d:16:
                    d4:ea:5f:92:bb:59:9c:dc:57:f9:d3:a7:78:5c:0a:
                    14:a2:3a:f3:1f:13:17:20:27:86:0c:e8:97:9e:d1:
                    2a:cb:ca:be:f2:87:64:c2:e3:98:09:cb:13:3b:ef:
                    e6:88:b0:6d:94:33:84:26:ef:bf:b3:e7:06:8b:91:
                    d9:65:7d:af:7b:43:f9:c9:c1:7d:6e:c9:18:8d:cc:
                    36:6b:ff:19:2a:d3:79:c5:ce:61:e4:65:bb:36:4b:
                    e3:f3:c3:b6:6a:4d:12:3a:e8:64:cf:6e:1a:2b:db:
                    9f:46:28:11:1d:41:f2:6d:f7:0a:dc:41:46:8a:81:
                    a0:41:e7:75:30:22:76:28:cd:55:5d:54:34:6c:bd:
                    89:10:bd:6f:01:f1:da:bf:d9:68:d5:9a:e9:eb:7e:
                    20:de:d5:00:10:e9:5e:ac:a5:0e:ef:8c:7a:f6:c0:
                    9d:35:ee:52:cc:20:89:b1:0a:ab:83:e3:a3:ac:04:
                    7a:0e:2d:0c:1a:66:c5:43:4e:8b:47:32:e0:fa:c7:
                    31:6b:8d:56:9a:1b:45:2e:1a:16:b0:20:71:79:72:
                    2c:01:d1:2d:ed:b4:26:bb:34:24:af:81:d8:29:47:
                    14:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                60:90:36:88:A6:80:EA:B8:08:B9:63:58:56:05:DF:50:E7:87:11:00
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:appmontilla.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : B7:3E:FB:24:DF:9C:4D:BA:75:F2:39:C5:BA:58:F4:6C:
                                5D:FC:42:CF:7A:9F:35:C4:9E:1D:09:81:25:ED:B4:99
                    Timestamp : Jun 20 22:30:02.259 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:62:58:A5:8A:A2:69:F0:E1:0A:FF:C7:50:
                                85:15:93:07:1A:28:A7:D0:F9:E3:44:A7:97:F9:59:47:
                                38:14:7F:F2:02:20:38:71:A7:4F:FB:4A:B9:92:A0:3B:
                                BB:AE:1F:B9:77:CF:8D:EC:DD:D6:D3:55:85:94:C3:88:
                                27:46:21:7D:14:2B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
                                16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
                    Timestamp : Jun 20 22:30:02.281 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6F:D0:97:37:AA:19:DF:D4:69:3E:F4:8D:
                                09:53:2D:9B:05:37:BE:F1:F3:53:3D:11:2B:BC:B3:B7:
                                A6:C1:BE:19:02:20:5D:B9:D9:E6:B4:CB:97:67:8A:6A:
                                A3:C7:C4:63:71:63:22:DC:8D:51:F1:CA:8E:48:34:BE:
                                DF:60:39:F6:F8:D8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        32:68:a6:60:7e:dc:c1:82:ef:13:ec:1e:ca:2d:83:aa:7b:bf:
        0e:5d:a9:8a:18:b0:d5:7f:06:a9:1e:00:27:ee:b6:57:a1:bd:
        ea:74:fa:c8:68:90:2c:60:ec:31:63:32:e0:27:9b:66:16:c4:
        f7:fe:8c:ae:7c:31:f1:ad:dc:b6:c8:62:c2:8c:42:47:f2:4c:
        a0:0f:42:52:e7:a1:2d:0b:d9:d4:d4:98:28:91:e6:6d:29:cf:
        73:65:6f:8b:d0:17:21:6a:5b:13:fd:cf:c6:70:9e:96:1d:1f:
        18:36:f8:c9:b8:92:e8:31:27:4f:f3:d7:c8:ea:a3:98:e2:4d:
        b2:82:ac:45:78:f6:39:59:db:0a:1c:36:90:81:ff:a1:4a:85:
        1f:e1:1c:54:96:eb:7f:14:27:9c:d7:4a:2a:c3:e1:b7:c3:ef:
        ad:23:0e:f7:d6:3e:55:9b:c2:70:6e:23:e4:cd:d8:ed:56:61:
        88:63:a5:01:54:ba:b2:08:54:b3:7a:95:16:64:b4:9e:80:c5:
        1c:70:da:61:db:78:4c:ce:af:af:d8:e6:01:92:b1:46:da:c1:
        dd:31:e9:73:3b:46:85:b0:d4:2e:f3:0b:bb:0d:cf:8f:0e:3c:
        a6:b6:75:78:5e:55:64:7e:b0:e6:eb:77:ce:16:67:8e:6d:3a:
        e5:fc:ea:85

67.205.189.208

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1566429866 | 2024-04-20T04:57:44.834567
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-2100514759 | 2024-04-27T10:32:02.114873
80 / tcp

nginx

-2000433865 | 2024-04-21T02:57:41.358950
443 / tcp

nginx1.20.2

-1541715696 | 2024-04-25T11:37:18.023901
3306 / tcp

MariaDB10.4.25-MariaDB

-1293053572 | 2024-04-25T11:52:16.194041
8443 / tcp

nginx1.19.0

Products

Pricing

Contact Us

67.205.189.208

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1566429866 | 2024-04-20T04:57:44.834567 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-2100514759 | 2024-04-27T10:32:02.114873 80 / tcp

nginx

-2000433865 | 2024-04-21T02:57:41.358950 443 / tcp

nginx1.20.2

-1541715696 | 2024-04-25T11:37:18.023901 3306 / tcp

MariaDB10.4.25-MariaDB

-1293053572 | 2024-04-25T11:52:16.194041 8443 / tcp

nginx1.19.0

Products

Pricing

Contact Us

1566429866 | 2024-04-20T04:57:44.834567
22 / tcp

-2100514759 | 2024-04-27T10:32:02.114873
80 / tcp

-2000433865 | 2024-04-21T02:57:41.358950
443 / tcp

-1541715696 | 2024-04-25T11:37:18.023901
3306 / tcp

-1293053572 | 2024-04-25T11:52:16.194041
8443 / tcp