GeneralInformation

Hostnames	lawa.by www.lawa.by
Domains	lawa.by
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

WebTechnologies

Database managers

Adminer4.8.1

Programming languages

PHP

Tag managers

Google Tag Manager

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 443 1337 3000 8080

733994432 | 2024-11-05T15:24:40.136810

22 / tcp

SSH-2.0-OpenSSH_9.0p1 Ubuntu-1ubuntu7
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEIenzrnedKjvGBB640MZMVp
yFgLAFgJAl8Yj92/Q3Wy0GM5ZlqPCggKfjo5+27UaXFvNSm1ks08DoWXLgG100Q=
Fingerprint: 55:52:bb:df:d6:6f:c5:2f:61:cf:36:c4:d3:94:f5:20

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1637199859 | 2024-10-21T18:20:43.653353

80 / tcp

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 21 Oct 2024 18:20:43 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Mon, 17 Apr 2023 20:26:46 GMT
Connection: keep-alive
ETag: "643dab86-267"
Accept-Ranges: bytes

978557404 | 2024-10-28T12:55:38.099814

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 28 Oct 2024 12:55:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9007
Connection: keep-alive
X-Powered-By: Next.js
ETag: "cd9qt3mopp6rr"
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:cf:80:3d:c6:92:eb:cf:8d:8f:bb:36:73:a6:0b:7b:7e:20
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Oct 10 18:13:34 2024 GMT
            Not After : Jan  8 18:13:33 2025 GMT
        Subject: CN=lawa.by
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d2:83:70:9e:0e:11:34:1a:cd:89:e8:0b:d6:31:
                    cf:96:23:a5:14:c3:0e:b7:51:d5:ca:ee:c4:b9:6a:
                    11:87:9c:a1:2f:86:3e:7f:10:f3:9c:bb:be:d9:a3:
                    dd:ba:ab:29:1b:e1:37:7b:06:a6:ec:a3:32:8b:34:
                    f5:b9:8d:d1:8c:74:3b:96:a7:db:30:87:c4:78:7b:
                    50:24:43:af:bf:e0:e3:7b:c5:15:50:25:b1:ec:16:
                    42:3e:04:c4:b0:e8:3b:66:a6:e3:7c:c8:5f:cd:01:
                    4c:7b:65:52:ca:97:cd:ff:66:b1:81:d1:10:83:b3:
                    35:7b:8a:90:b7:64:a8:5e:39:a2:38:52:de:d0:df:
                    d7:39:36:c6:55:a5:22:6c:ca:2c:a5:8f:95:b5:f5:
                    e1:95:e4:9c:74:72:a6:dc:d1:2b:da:00:92:42:b0:
                    2d:98:95:86:aa:79:c3:09:f8:26:6f:e1:70:9d:1c:
                    df:ac:2d:97:a3:79:cb:97:37:c8:d1:82:b1:7d:06:
                    23:8e:fc:71:10:91:ce:d8:69:5f:14:8d:9e:49:57:
                    36:ba:74:df:b6:9e:65:1f:7a:ff:bb:71:f7:03:ed:
                    52:2b:2e:3c:6c:41:ad:d9:c4:af:bc:79:39:75:ba:
                    74:f5:a3:77:d1:80:ae:ba:06:8a:dc:b7:7e:d3:55:
                    cc:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                61:13:98:43:9F:E4:93:F7:36:EF:50:DA:EE:C9:74:2C:A8:FE:22:DA
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:lawa.by, DNS:www.lawa.by
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Oct 10 19:12:04.812 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:12:A1:59:99:F7:04:7F:F9:C8:48:BB:BE:
                                BB:D1:00:AD:65:CB:02:71:AC:4D:FC:23:03:5E:C0:D8:
                                FC:95:36:EC:02:20:3F:FA:BC:65:44:2F:F6:5D:C9:56:
                                0D:89:4B:03:07:0C:6B:95:8D:8F:49:D1:8D:51:6A:63:
                                92:58:79:B1:E5:C5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Oct 10 19:12:04.885 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:62:C4:E9:CC:D9:82:78:C9:8D:0A:AF:55:
                                81:EE:24:DA:52:76:B0:1A:D5:62:4F:63:E9:99:B0:9B:
                                A3:4E:0B:A9:02:20:6D:60:DB:99:17:B7:8A:A3:6D:2D:
                                3F:58:E3:21:74:D3:9E:25:8D:68:54:DF:22:4F:6C:37:
                                64:5A:9C:01:AA:6B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        af:24:0a:a4:fc:cb:b1:d9:dc:a3:b5:e4:60:13:9b:1f:4d:84:
        5e:be:07:f9:7e:0d:c3:35:a7:b4:d2:8b:7e:2e:df:b6:0b:37:
        fb:83:c0:24:26:06:42:3a:ea:2e:1c:c4:d5:ac:df:d6:8e:26:
        1b:6a:ab:14:06:6f:04:00:ab:af:bd:fb:c7:47:d9:5a:77:cf:
        91:32:7a:1e:5e:32:c6:0f:2f:bb:3a:5a:d7:02:62:4e:c7:4d:
        b1:c7:52:3d:ef:fd:aa:00:77:63:5b:ac:89:6e:17:d7:d8:23:
        65:3c:94:51:20:69:87:b6:db:05:14:e1:e8:ba:73:4e:1c:80:
        24:20:f6:f8:b9:fb:85:54:a6:68:61:52:a2:64:27:de:d4:5b:
        a1:59:74:89:1c:5d:c0:5e:be:32:01:85:e7:73:f1:d8:80:90:
        cb:fd:79:5a:7a:5b:7f:4a:db:60:75:87:c9:d7:f6:40:67:99:
        03:13:96:8a:b8:70:ae:45:00:32:9e:fe:09:04:db:0c:e2:8b:
        eb:01:0d:1c:d7:8e:0e:a5:11:59:da:71:f5:3a:9c:ac:69:f8:
        76:fb:ab:53:d9:97:21:04:ec:2f:71:54:e8:5b:19:fc:c8:57:
        98:97:ed:b0:a7:ea:59:e6:cd:84:c9:49:56:d3:b6:65:94:77:
        ab:a5:ff:b2

-1739000774 | 2024-11-03T06:33:05.170438

1337 / tcp

HTTP/1.1 302 Found
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
Vary: Origin
Location: /admin
Content-Type: text/html; charset=utf-8
Content-Length: 43
X-Powered-By: Strapi <strapi.io>
Date: Sun, 03 Nov 2024 06:33:04 GMT
Connection: keep-alive
Keep-Alive: timeout=5

Redirecting to <a href="/admin">/admin</a>.

978557404 | 2024-10-21T05:09:27.177590

3000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Next.js
ETag: "cd9qt3mopp6rr"
Content-Type: text/html; charset=utf-8
Content-Length: 9007
Vary: Accept-Encoding
Date: Mon, 21 Oct 2024 05:09:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5

254149075 | 2024-10-28T06:07:31.860463

8080 / tcp

HTTP/1.1 200 OK
Host: 167.99.254.99
Date: Mon, 28 Oct 2024 06:07:31 GMT
Connection: close
X-Powered-By: PHP/7.4.33
Set-Cookie: adminer_sid=jl7o4bvao210u95thfn2tf1v1u; path=/; HttpOnly
Set-Cookie: adminer_key=86cc6c2c92c1d553f48ec81649f90279; path=/; HttpOnly; SameSite=lax
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
X-Frame-Options: deny
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'nonce-ZTQ2NDRiOGRiNWZjYzIwN2ZiYjgzOTIzZjMzYjVhNDU=' 'strict-dynamic'; connect-src 'self'; frame-src https://www.adminer.org; object-src 'none'; base-uri 'none'; form-action 'self'

CVE-2013-2220 CVE-2007-3205 CVE-2024-5458 CVE-2024-4577

167.99.254.99

Last Seen: 2024-11-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

733994432 | 2024-11-05T15:24:40.136810
22 / tcp

OpenSSH9.0p1 Ubuntu 1ubuntu7

1637199859 | 2024-10-21T18:20:43.653353
80 / tcp

nginx1.22.0

978557404 | 2024-10-28T12:55:38.099814
443 / tcp

nginx1.22.0

-1739000774 | 2024-11-03T06:33:05.170438
1337 / tcp

978557404 | 2024-10-21T05:09:27.177590
3000 / tcp

254149075 | 2024-10-28T06:07:31.860463
8080 / tcp

Products

Pricing

Contact Us

167.99.254.99

Last Seen: 2024-11-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 8080 Latest CVSS

OpenPorts

733994432 | 2024-11-05T15:24:40.136810 22 / tcp

OpenSSH9.0p1 Ubuntu 1ubuntu7

1637199859 | 2024-10-21T18:20:43.653353 80 / tcp

nginx1.22.0

978557404 | 2024-10-28T12:55:38.099814 443 / tcp

nginx1.22.0

-1739000774 | 2024-11-03T06:33:05.170438 1337 / tcp

978557404 | 2024-10-21T05:09:27.177590 3000 / tcp

254149075 | 2024-10-28T06:07:31.860463 8080 / tcp

Products

Pricing

Contact Us

Vulnerabilities

733994432 | 2024-11-05T15:24:40.136810
22 / tcp

1637199859 | 2024-10-21T18:20:43.653353
80 / tcp

978557404 | 2024-10-28T12:55:38.099814
443 / tcp

-1739000774 | 2024-11-03T06:33:05.170438
1337 / tcp

978557404 | 2024-10-21T05:09:27.177590
3000 / tcp

254149075 | 2024-10-28T06:07:31.860463
8080 / tcp