GeneralInformation

Hostnames	gaga.live ecs-159-138-93-244.compute.hwclouds-dns.com
Domains	gaga.live hwclouds-dns.com
Country	Singapore
City	Singapore
Organization	Huawei Singapore Clouds
ISP	HUAWEI CLOUDS
ASN	AS136907

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

2019

CVE-2019-20372

5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 443

80 / tcp

-1117279507 | 2025-02-22T05:03:26.419755

Hashes

hash

-1098796634

http.dom_hash

1120486059

http.favicon.hash

324526308

http.html_hash

-1117279507

http.server_hash

532903735

http.title_hash

-1804479110

Gaga Admin

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 22 Feb 2025 05:03:25 GMT
Content-Type: text/html
Content-Length: 16956
Last-Modified: Wed, 09 Aug 2023 10:13:51 GMT
Connection: keep-alive
ETag: "64d366df-423c"
Accept-Ranges: bytes

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618 CVE-2019-20372

443 / tcp

624955249 | 2025-02-23T13:43:28.622250

Hashes

hash

-2138974961

http.dom_hash

-1943162103

http.favicon.hash

324526308

http.html_hash

624955249

http.server_hash

532903735

http.title_hash

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 23 Feb 2025 13:43:28 GMT
Content-Type: text/html
Content-Length: 1406
Last-Modified: Fri, 12 Apr 2024 12:04:46 GMT
Connection: keep-alive
ETag: "6619235e-57e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:82:57:d2:61:73:cc:0e:69:ff:97:60:04:e9:30:4e:54:32
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Dec 18 06:13:06 2024 GMT
            Not After : Mar 18 06:13:05 2025 GMT
        Subject: CN=gaga.live
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c3:13:fd:04:c4:0e:ad:1f:f7:12:c1:18:e7:55:
                    5c:a1:f0:20:13:11:02:2a:f7:e5:84:37:e9:db:3c:
                    65:d7:90:27:a7:53:d4:98:8e:25:1a:90:4c:df:65:
                    5a:cd:47:b6:78:ef:16:7c:aa:b4:48:66:d5:10:94:
                    73:79:c6:a1:f5:df:88:6e:11:d5:74:7e:dd:c7:af:
                    66:7d:67:3c:08:ab:16:22:45:6c:93:34:f5:b7:70:
                    8c:7e:0f:6e:7c:7f:7a:a2:aa:92:7f:0a:c5:b2:cf:
                    40:e3:0a:e6:02:41:52:db:f2:cf:a8:a8:3e:1e:6b:
                    be:35:d0:e3:c8:83:0f:7d:ed:4d:31:fc:9b:4f:b4:
                    be:68:19:60:fa:bc:59:d1:b2:92:e4:4d:e6:00:b5:
                    a5:49:a3:97:13:0f:22:d5:4b:86:b5:10:4b:39:14:
                    b7:a2:33:6e:37:f4:aa:6e:b8:d7:43:c7:33:46:b5:
                    46:2a:6a:95:3a:6a:da:bd:3f:89:07:27:fe:60:70:
                    3a:69:b7:f2:e1:39:b3:05:c9:c3:dc:fb:27:98:e0:
                    15:b8:b3:93:84:30:8b:21:65:f7:ee:1e:54:75:10:
                    8f:43:fa:59:c4:a5:b3:9b:64:7f:1c:a7:8e:59:5f:
                    47:76:5d:80:1a:85:7a:2a:6c:b9:d3:1c:f2:18:8d:
                    37:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6C:D2:50:9F:36:5B:37:C3:E8:C8:FA:B0:FB:51:30:62:5F:C2:AD:69
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.gaga.live, DNS:gaga.live
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec 18 07:11:36.751 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D0:13:34:92:68:46:60:E4:1B:15:D6:
                                9B:A0:72:16:4C:2F:11:8B:AE:72:F2:74:E8:36:14:1C:
                                78:49:BD:EE:42:02:21:00:FD:BE:6E:71:CC:68:E1:0B:
                                CE:C4:5C:67:57:5E:6C:49:09:30:5C:E5:18:83:26:40:
                                14:8B:19:DF:EF:F7:36:14
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec 18 07:11:36.749 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2C:87:BA:EA:D5:B9:4B:2A:1D:E0:A8:EF:
                                FF:8A:C5:B1:4B:0B:A8:A2:A9:FD:75:97:23:BA:74:F9:
                                6C:E2:3A:D7:02:20:21:C8:4D:65:8D:03:CD:10:0A:38:
                                87:4E:1B:48:89:65:21:A8:3D:0E:6E:25:95:24:22:46:
                                94:80:85:3D:A2:02
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        19:45:90:67:27:ba:3b:3d:48:84:2b:1e:6b:40:11:ed:2d:c7:
        63:f4:c0:da:ce:b9:2d:bc:84:00:61:c3:02:36:bb:d5:f2:31:
        db:77:1b:f8:7c:73:bc:ef:b0:0d:2d:8c:f8:6d:b0:23:3c:56:
        db:eb:fe:34:51:60:8f:0b:a1:1f:36:1f:18:c2:20:7e:8c:00:
        4e:c9:4b:2b:76:6c:f5:19:23:f9:7b:ef:bc:7a:ab:06:97:58:
        80:2c:14:e3:4b:c2:a5:88:ce:4f:42:16:45:c7:3d:4d:5b:67:
        3a:18:f1:6d:67:cf:0d:36:69:77:6a:67:95:0c:dd:0c:6a:c2:
        c9:27:c8:0b:1c:b8:ce:7b:94:cb:42:45:c1:a9:08:4f:bf:79:
        c1:77:44:af:34:06:20:a3:88:2a:87:03:6b:7d:25:b7:f1:35:
        39:70:ed:8e:59:8a:59:e3:f4:b8:4b:03:52:3a:3f:5c:44:bb:
        a5:b7:69:89:98:84:82:f0:94:c4:2b:68:72:09:79:ae:a0:be:
        af:27:29:1d:4e:59:08:7f:24:7f:ff:83:22:53:3d:0c:da:4d:
        b3:6d:59:08:f6:c1:db:2c:9a:0a:e6:4c:9d:35:1d:8f:64:c3:
        ca:0f:65:d1:cf:24:31:64:23:4b:4c:32:b3:c0:ba:63:fb:37:
        45:4d:82:16

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618 CVE-2019-20372

159.138.93.244

Last Seen: 2025-02-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

80 / tcp

-1117279507 | 2025-02-22T05:03:26.419755

Hashes

nginx1.16.1

443 / tcp

624955249 | 2025-02-23T13:43:28.622250

Hashes

nginx1.16.1

Products

Pricing

Contact Us

159.138.93.244

Last Seen: 2025-02-23

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp -1117279507 | 2025-02-22T05:03:26.419755

Hashes

nginx1.16.1

443 / tcp 624955249 | 2025-02-23T13:43:28.622250

Hashes

nginx1.16.1

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-1117279507 | 2025-02-22T05:03:26.419755

443 / tcp

624955249 | 2025-02-23T13:43:28.622250