GeneralInformation

Hostnames	ip103-183-75-144.cloudhost.web.id api-kanaltapem.sandboxindonesia.id
Domains	cloudhost.web.id sandboxindonesia.id
Country	Indonesia
City	Jakarta
Organization	PT Cloud Hosting Indonesia
ISP	PT Cloud Hosting Indonesia
ASN	AS136052
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443 3001

22 / tcp

-1613994957 | 2025-04-14T17:47:00.880485

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.11
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMMAQiNpoD+gi+cW/lkKbZH9
JRQuBIlAAoib4GZzGkY/fGt7vdptY5rrJPF0c20F1I+JJdR7mf+mSYOfPeIH0xY=
Fingerprint: 78:5a:a0:72:98:56:2b:39:d7:f3:cb:08:10:f5:c6:67

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

1651973090 | 2025-04-09T02:17:26.532237

Hashes

hash

1057431268

http.dom_hash

-2049760045

http.html_hash

1651973090

http.server_hash

967792298

http.title_hash

911614014

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Apr 2025 02:17:26 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 03 Nov 2023 07:25:54 GMT
Connection: keep-alive
ETag: "6544a082-264"
Accept-Ranges: bytes

Vulnerabilities

443 / tcp

1731104000 | 2025-04-09T06:18:49.965765

Hashes

hash

887404295

http.dom_hash

-2006505642

http.html_hash

1731104000

http.server_hash

967792298

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Apr 2025 06:18:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 39
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:7a:4b:79:63:6b:c6:64:8a:87:3c:49:85:03:9b:13:c2:0c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 10 17:27:00 2025 GMT
            Not After : Jun  8 17:26:59 2025 GMT
        Subject: CN=api-kanaltapem.sandboxindonesia.id
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:ca:2e:3d:23:83:52:54:00:90:30:50:49:16:
                    0f:1d:07:17:64:db:b3:72:df:2a:ef:43:50:c5:b9:
                    1d:69:de:45:b0:07:19:5f:cf:e6:63:ec:d2:17:3b:
                    ed:20:8c:5a:39:d0:33:0d:8b:91:3b:f3:9b:00:d7:
                    44:85:53:65:02:f1:3b:80:b5:4f:7d:f7:ee:1b:da:
                    7f:7e:e7:22:18:77:a2:fb:ec:a5:ec:b2:56:ca:fa:
                    c6:b8:ef:d1:51:f3:6d:b3:28:f7:3d:45:86:ce:2c:
                    1b:a7:fd:8b:29:e3:1f:54:76:eb:2d:db:f9:e7:b6:
                    dd:06:0c:d9:eb:95:66:c9:31:90:f7:06:2c:4b:38:
                    62:95:00:d2:41:7e:3b:b5:da:9c:c2:e1:3f:80:99:
                    1c:a2:cc:ac:b8:be:83:1c:d5:3b:42:01:f1:5e:90:
                    bb:c3:e7:75:67:59:d6:eb:63:9a:8c:84:9e:a2:30:
                    db:23:cc:61:ec:87:92:c6:14:a5:c8:1f:e7:4b:41:
                    4c:37:09:fa:25:b8:97:ce:94:25:c6:26:c8:75:cc:
                    c3:88:db:33:4e:25:3e:76:97:19:bf:64:2d:7a:f4:
                    82:e3:7a:2a:c0:75:94:23:e5:0a:fa:86:0e:a2:26:
                    67:26:54:95:e8:f0:f7:d4:2c:83:14:f2:f7:eb:4f:
                    80:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                00:FF:5E:FF:44:F4:40:0F:6F:D0:B2:25:3E:63:3F:67:60:9B:A5:B3
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api-kanaltapem.sandboxindonesia.id
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 10 18:25:31.205 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:89:A0:4D:ED:0C:1D:94:DD:8A:C4:36:
                                E2:39:FC:72:91:BF:52:2F:66:41:A9:B4:F4:54:B9:98:
                                76:AC:17:76:05:02:20:55:60:70:FF:16:84:A8:24:80:
                                08:76:CA:8A:E6:9E:8B:48:67:C8:1D:17:F8:AD:37:79:
                                55:C1:86:CF:DD:01:CB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Mar 10 18:25:31.244 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A4:A3:25:C2:B4:76:83:92:B8:4F:49:
                                5D:CD:90:BD:62:F4:D9:96:B1:7B:5F:5F:1D:71:0C:23:
                                34:B4:14:91:60:02:20:5A:3F:EF:89:6C:DD:F3:62:14:
                                04:4D:8A:91:B4:3C:3E:CD:AD:82:D2:60:D9:5D:C8:34:
                                DB:C2:9A:55:46:A7:5F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a4:69:18:b4:5e:8a:ad:06:93:58:bb:38:79:ba:d6:5e:8f:b1:
        7c:6c:21:2d:b8:2f:ea:fe:31:3f:d1:5a:51:19:dd:61:75:9b:
        4b:56:52:d3:a7:8d:a6:78:57:72:81:30:3a:c5:79:9c:42:39:
        0f:58:68:14:82:27:0f:c3:0f:a3:3f:a7:d8:d4:f6:55:2f:74:
        23:68:d5:6c:1f:49:f6:c3:95:84:69:3b:a5:e0:32:73:ae:fb:
        56:3a:be:b4:1a:d1:1e:af:41:d4:12:be:af:59:bb:5d:a4:32:
        72:20:b5:1d:24:c9:d5:be:25:c8:6b:0f:5c:bc:61:f2:b8:d4:
        9d:ef:f0:6d:8c:29:f3:ea:63:b8:bc:d4:39:34:c4:bc:4f:d6:
        1f:4e:95:2b:c0:48:70:bf:82:08:fd:21:a6:e9:bd:ef:7a:67:
        b9:4d:69:17:4b:87:0f:61:42:8d:d1:fa:e5:da:3a:85:47:3d:
        63:9c:64:0b:0e:c2:10:c3:e6:7e:31:0f:9b:e7:69:fa:3e:d6:
        a7:dd:ed:1b:db:ba:1e:fb:79:f3:f8:b8:61:96:d3:df:74:8d:
        53:b2:af:18:2e:52:6c:db:9b:d9:16:a5:8d:c6:a5:36:2b:21:
        c5:76:17:33:08:65:09:d7:57:cf:e2:43:f6:c0:c1:2f:9a:2e:
        49:5e:95:4a

Vulnerabilities

3001 / tcp

-629313196 | 2025-04-08T21:59:06.879086

HTTP/1.1 200 OK
Date: Tue, 08 Apr 2025 21:59:06 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 39
Vary: Origin
Access-Control-Allow-Origin: *

Welcome to Kanal Tata Pemerintahan APIs

103.183.75.144

Last Seen: 2025-04-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

-1613994957 | 2025-04-14T17:47:00.880485

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp

1651973090 | 2025-04-09T02:17:26.532237

Hashes

nginx1.18.0

443 / tcp

1731104000 | 2025-04-09T06:18:49.965765

Hashes

nginx1.18.0

3001 / tcp

-629313196 | 2025-04-08T21:59:06.879086

Products

Pricing

Contact Us

103.183.75.144

Last Seen: 2025-04-14

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

22 / tcp -1613994957 | 2025-04-14T17:47:00.880485

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp 1651973090 | 2025-04-09T02:17:26.532237

Hashes

nginx1.18.0

443 / tcp 1731104000 | 2025-04-09T06:18:49.965765

Hashes

nginx1.18.0

3001 / tcp -629313196 | 2025-04-08T21:59:06.879086

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-1613994957 | 2025-04-14T17:47:00.880485

80 / tcp

1651973090 | 2025-04-09T02:17:26.532237

443 / tcp

1731104000 | 2025-04-09T06:18:49.965765

3001 / tcp

-629313196 | 2025-04-08T21:59:06.879086