GeneralInformation

Hostnames	ac30743.thebeautyskiin.online
Domains	thebeautyskiin.online
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	Clifton
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 25 80 123 443 22222

-31290598 | 2024-05-14T23:08:06.949296

22 / tcp

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCxW+ge4qCPzI5eGxDCZ7WdYRGedU50QjDugzA2guCnGK79
kJqUhnI0HeB/t2kDE7oUimGlwG8Vbf1P8ORPO5pKZrQH2fZ7A9aGvh29SdCap//dv+U4GAAYZw6L
p7pursgQI/klw3aqDpEnUdsbA/Dva2DSeIupiO6SIdVXTG6xQ9rup7MRtgtDAM2hbU0sgqEFez1y
b4Eb+ZS84SJ8oX5KpT6uIDngysfiSGeYNUojb9HvV7w1xeFwX6Ki0aNYm3MJRKSvMDEir2Pxjnfw
qD/Ikipv+bG/ZniJ3KtiAONEUIuNst40H943CBJOBlxNsULPxGzJ+UuD5ksAiJdhS7/n
Fingerprint: 01:85:86:98:8d:11:b8:41:96:f6:0d:7a:46:37:a4:08

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1177162379 | 2024-05-12T08:22:31.089363

25 / tcp

220 ac30743.thebeautyskiin.online ESMTP Postfix (Debian/GNU)
250-ac30743.thebeautyskiin.online
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:cb:55:57:f9:02:a2:3f:8d:be:d3:bb:8a:b8:0c:aa:c3:79:83:d2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac30743.thebeautyskiin.online
        Validity
            Not Before: May  4 00:29:42 2024 GMT
            Not After : May  2 00:29:42 2034 GMT
        Subject: CN=ac30743.thebeautyskiin.online
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:8a:c8:d4:73:04:30:e2:9c:6a:70:b8:45:58:
                    4b:ba:6b:e0:7c:31:9e:a1:23:5f:8d:a4:57:8c:ab:
                    8f:f7:44:17:9d:4c:9d:d7:8f:79:0b:79:30:98:e7:
                    5d:82:26:59:71:7c:87:f8:25:d2:20:b1:0d:a3:5b:
                    95:e0:a5:b5:64:af:cb:7d:c7:c7:e2:3c:7e:58:87:
                    56:d8:82:55:06:02:f6:63:af:f7:f1:c7:d6:0a:85:
                    72:0e:0f:d7:cb:ad:75:c1:b7:27:68:4a:5b:36:6b:
                    cb:de:ac:74:bd:1a:bb:15:44:0a:8f:c8:ca:32:7d:
                    7e:08:11:fd:48:bd:07:59:72:a3:63:61:ae:0b:88:
                    d9:18:af:1f:6c:d4:3e:c0:99:cb:0f:50:e9:79:3c:
                    cf:54:d0:a0:08:60:78:39:64:5e:3d:ad:85:8e:02:
                    d2:e4:8a:af:47:d7:f5:bd:cf:2a:e4:43:b4:5e:80:
                    6f:58:3a:87:9d:86:63:a2:03:6e:7c:5b:be:5b:98:
                    22:ed:8f:fe:09:aa:b4:d5:d1:56:98:c3:82:17:10:
                    7a:e4:5d:69:70:d3:6e:49:11:43:ac:07:55:0e:cc:
                    c7:22:d7:f5:14:06:f4:8c:07:ec:47:d6:4b:87:d5:
                    9c:13:7f:af:50:89:0d:dc:8b:26:aa:d8:16:60:4b:
                    02:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ac30743.thebeautyskiin.online
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        96:a2:3e:d8:a1:35:09:72:55:c3:4f:ed:a3:4a:c2:1c:44:62:
        5f:0f:67:be:fb:6a:a5:10:ba:06:b1:7a:44:e8:a6:90:01:2b:
        ee:b3:56:47:93:9a:bb:28:9a:eb:20:7b:c1:04:5b:75:74:b3:
        a7:a1:03:d0:27:24:b8:a0:83:97:f0:eb:53:13:7b:de:a1:4f:
        93:0b:69:bb:ce:1b:bd:46:fe:79:b8:fc:17:80:a6:ea:9b:69:
        4b:fc:d6:6b:f9:b4:ed:e8:52:3c:65:77:93:af:49:cc:01:90:
        f2:dd:2c:0f:87:77:e3:18:12:b4:cf:6f:9a:10:fd:6c:6d:bf:
        b2:de:0d:6c:c1:9d:be:d3:50:4e:6e:f1:c4:98:38:84:85:42:
        60:24:73:f8:77:75:ba:9d:af:ce:46:56:0d:c4:2d:cd:a0:99:
        65:8f:21:02:dc:ac:03:d8:a7:4e:10:ef:3e:a5:c8:84:51:8a:
        d0:b6:66:8b:8d:ca:37:fe:37:d3:21:95:48:00:11:93:0b:d8:
        8b:f5:3b:ee:b7:19:f4:04:70:0b:97:77:81:ed:db:cd:0b:87:
        f8:36:f2:33:46:2e:0b:74:25:62:ae:d6:f2:48:05:25:ad:28:
        2a:b9:94:07:6b:6f:14:f8:83:ed:de:de:1a:f3:c4:fa:79:cf:
        8d:61:65:7d

-806824754 | 2024-04-30T16:44:29.073328

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 30 Apr 2024 16:44:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 96
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Location: https://45.55.64.61/
Vary: Accept, Accept-Encoding

-2037328890 | 2024-05-17T19:54:24.941526

123 / udp

NTP
protocolversion: 3
stratum: 0
leap: 3
precision: 0
rootdelay: 0.0
rootdisp: 0.0
refid: 1380013125
reftime: 0.0
poll: 3

1301411141 | 2024-05-17T10:39:17.532068

443 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 17 May 2024 10:39:17 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

-23674247 | 2024-05-17T10:39:09.200743

22222 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 17 May 2024 10:39:09 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://45.55.64.61:22222/
X-Powered-By: Agius.Cloud 1.2.0
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

45.55.64.61

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-31290598 | 2024-05-14T23:08:06.949296
22 / tcp

OpenSSH7.9p1 Debian 10+deb10u4

1177162379 | 2024-05-12T08:22:31.089363
25 / tcp

Postfix smtpd

-806824754 | 2024-04-30T16:44:29.073328
80 / tcp

nginx1.18.0

-2037328890 | 2024-05-17T19:54:24.941526
123 / udp

1301411141 | 2024-05-17T10:39:17.532068
443 / tcp

nginx

-23674247 | 2024-05-17T10:39:09.200743
22222 / tcp

nginx

Products

Pricing

Contact Us

45.55.64.61

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-31290598 | 2024-05-14T23:08:06.949296 22 / tcp

OpenSSH7.9p1 Debian 10+deb10u4

1177162379 | 2024-05-12T08:22:31.089363 25 / tcp

Postfix smtpd

-806824754 | 2024-04-30T16:44:29.073328 80 / tcp

nginx1.18.0

-2037328890 | 2024-05-17T19:54:24.941526 123 / udp

1301411141 | 2024-05-17T10:39:17.532068 443 / tcp

nginx

-23674247 | 2024-05-17T10:39:09.200743 22222 / tcp

nginx

Products

Pricing

Contact Us

-31290598 | 2024-05-14T23:08:06.949296
22 / tcp

1177162379 | 2024-05-12T08:22:31.089363
25 / tcp

-806824754 | 2024-04-30T16:44:29.073328
80 / tcp

-2037328890 | 2024-05-17T19:54:24.941526
123 / udp

1301411141 | 2024-05-17T10:39:17.532068
443 / tcp

-23674247 | 2024-05-17T10:39:09.200743
22222 / tcp