GeneralInformation

Hostnames	upcommerce.app
Domains	upcommerce.app
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 111 443 3306 5001 33060

1788140687 | 2024-12-25T03:56:09.345492

22 / tcp

SSH-2.0-OpenSSH_7.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDDOQKsiCzOscsKHLFCgj1jnm6wPQCjT8M3RXQMpPqUa7uT
6a6FMqZL6ZcWdha/q/P4HpyrADcP996+cKDRx9zHMJpKpVUTowCYjVGOGCLHOzCCzn4qmsyi8rHE
rCbdDgmmJQRE8SYA6yVtNNWKzbKAQLmf9l7Gi3kC/sse/g7rnxoBCetAlDtxkHaGS+2EZ5c+3ykd
HNqHskGyVeVA1Lv/t93JXecm/QNC+Rm8AUQwO3UhYrRNoH7uASxmrAJLWYocoHGycWPJbla0cWAg
y72Gyi8xur+teJWft3Q4G8aW0/wMTUuxtCXIkqqWnh9PEhVwQQ/ffohUlqBlncdcEvRL
Fingerprint: e4:6a:c2:35:6b:a1:b8:fe:6c:5c:e4:49:3e:5b:64:c6

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	aes128-cbc
	aes192-cbc
	aes256-cbc
	blowfish-cbc
	cast128-cbc
	3des-cbc

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

CVE-2023-38408 CVE-2008-3844 CVE-2023-51767 CVE-2021-41617 CVE-2020-15778 13 moreCVE-2023-51385 CVE-2023-48795 CVE-2020-14145 CVE-2019-6111 CVE-2019-6110 CVE-2019-6109 CVE-2018-20685 CVE-2018-15919 CVE-2018-15473 CVE-2017-15906 CVE-2016-20012 CVE-2007-2768 CVE-2021-36368

-1836475360 | 2025-01-07T14:04:38.913277

80 / tcp

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Tue, 07 Jan 2025 14:04:38 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

CVE-2023-44487 CVE-2021-3618

-1345205424 | 2025-01-08T01:56:35.906426

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-1345205424 | 2025-01-08T11:54:38.607025

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-616353752 | 2025-01-04T15:26:28.638459

443 / tcp

Document

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Jan 2025 15:26:28 GMT
Content-Type: text/html
Content-Length: 216
Last-Modified: Mon, 03 Jul 2023 15:12:25 GMT
Connection: keep-alive
ETag: "64a2e559-d8"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:f4:e8:29:e7:a6:bf:68:3e:4b:86:24:20:1c:e3:a9:e4:e8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Jan  2 13:01:53 2025 GMT
            Not After : Apr  2 13:01:52 2025 GMT
        Subject: CN=upcommerce.app
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:df:db:0e:91:f6:04:97:1f:82:a0:76:d1:57:
                    f6:e2:aa:fe:7b:de:7c:7a:c0:ed:57:df:9f:1f:37:
                    01:c5:b5:72:2b:1a:58:ff:2e:d0:f1:99:4f:46:cc:
                    af:a9:4d:e3:c1:e3:14:c9:10:1d:99:e7:73:4f:c8:
                    fa:f9:5d:71:65:ec:ea:73:76:c0:47:d1:7a:b5:bd:
                    15:a6:9e:56:13:37:f8:a3:15:ee:79:f0:d9:ca:de:
                    0b:d0:41:e2:d4:5b:b5:e3:07:5c:67:e7:2c:2a:10:
                    49:8c:dc:f0:38:28:16:92:2d:ae:09:98:a7:c9:c2:
                    72:e2:d8:ca:92:7d:7b:80:c7:dc:98:35:3d:63:ca:
                    fc:a7:41:cb:96:93:0d:92:1a:af:bd:8e:97:96:4b:
                    d0:fe:72:7d:b1:77:4c:f2:02:e5:af:05:46:1d:0b:
                    cc:49:b8:41:2a:47:11:c6:88:a4:f6:cb:a7:57:f7:
                    0b:5c:1b:51:e1:39:3d:c9:61:b8:89:f8:ba:17:05:
                    9a:a6:06:47:86:98:56:b8:2d:b1:36:6e:d2:d6:3c:
                    08:18:97:9b:97:27:cb:75:43:f9:e5:ec:c5:1d:93:
                    ba:6c:54:65:ce:c6:20:b8:b9:37:58:4a:c6:4d:d8:
                    d2:2c:2e:19:4f:49:9d:b7:cb:e8:d5:a4:eb:c3:ee:
                    e4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                8D:09:2F:82:85:DC:D8:75:41:24:9F:F8:E6:41:C8:0C:EA:30:70:CE
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:upcommerce.app
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 73:20:22:0F:08:16:8A:F9:F3:C4:A6:8B:0A:B2:6A:9A:
                                4A:00:EE:F5:77:85:8A:08:4D:05:00:D4:A5:42:44:59
                    Timestamp : Jan  2 14:00:23.358 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DF:C1:D6:59:03:B9:88:78:8E:5F:D6:
                                69:29:79:69:C5:CC:37:F7:FA:EE:18:78:1E:3E:09:7E:
                                11:C4:32:9A:28:02:20:1B:9B:8C:F6:3C:A5:8E:42:77:
                                CF:21:27:B0:4B:16:9F:4F:44:56:88:7C:CD:19:F7:A3:
                                5B:F5:34:B4:A1:75:B7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Jan  2 14:00:23.811 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A7:6E:8D:9F:66:F5:36:C0:F9:E2:08:
                                BC:D2:AC:53:A8:CE:65:27:1A:D5:F0:70:0C:13:D9:11:
                                2C:E9:58:D9:EB:02:21:00:FA:A0:99:09:19:F9:CA:40:
                                ED:D5:BF:42:66:7E:9D:DA:AB:58:02:38:D3:EE:14:FF:
                                3F:AD:15:CA:53:23:31:A8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6b:fb:f7:25:e5:6f:03:a8:e1:d1:c9:f5:eb:4a:96:a8:c5:9b:
        64:20:f8:d1:9e:49:9c:49:59:95:3c:e6:55:7a:80:50:12:fb:
        a6:f0:4e:3d:31:d2:4d:0f:8a:f6:0b:e8:8e:9c:1c:5c:a5:15:
        32:5c:a4:b6:f4:d2:a6:2a:3e:09:3e:8a:fc:ab:bf:f2:ce:c0:
        85:19:18:c0:7b:89:78:27:ca:10:aa:35:94:68:3b:9a:65:01:
        b6:cb:6e:5c:95:90:28:ea:79:b3:0c:67:25:c2:6e:b1:76:55:
        24:54:d3:e2:9a:d4:c0:6b:41:36:1b:c9:63:91:ad:4d:73:01:
        56:2c:21:d0:f7:b9:dd:e7:09:c0:b8:d7:4b:b0:d8:0f:0d:97:
        6f:4b:f2:90:c8:55:71:83:ec:d7:58:7c:cf:35:47:6d:f0:d1:
        d0:1c:16:18:af:d6:3d:e0:dd:b1:ba:1e:95:d6:4c:64:6e:85:
        87:fc:b5:09:32:27:77:3d:db:69:fa:c0:35:d6:19:eb:f5:16:
        05:e7:63:2d:3a:b4:7b:75:99:fc:89:cc:e8:7f:01:7a:b7:7b:
        bf:2f:86:85:bd:e9:0d:ff:9a:e4:7c:06:9e:0c:48:f0:47:f3:
        09:f0:71:5d:11:42:2a:c6:37:58:5b:8c:96:39:47:34:2e:9c:
        fb:0c:b5:c1

CVE-2023-44487 CVE-2021-3618

1342247460 | 2025-01-07T18:25:01.206404

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.33-25
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

1395840810 | 2024-12-14T17:24:54.841270

5001 / tcp

HTTP/1.1 200 OK
Date: Sat, 14 Dec 2024 17:24:53 GMT
Content-Type: text/html
Content-Length: 43
Vary: Origin
Access-Control-Allow-Origin: *

<div>Not found shop from query string</div>

-795948505 | 2024-12-28T07:58:08.097966

33060 / tcp

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

174.138.35.184

Last Seen: 2025-01-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1788140687 | 2024-12-25T03:56:09.345492
22 / tcp

OpenSSH7.4

-1836475360 | 2025-01-07T14:04:38.913277
80 / tcp

nginx1.20.1

-1345205424 | 2025-01-08T01:56:35.906426
111 / tcp

-1345205424 | 2025-01-08T11:54:38.607025
111 / udp

-616353752 | 2025-01-04T15:26:28.638459
443 / tcp

nginx1.20.1

1342247460 | 2025-01-07T18:25:01.206404
3306 / tcp

MySQL8.0.33-25

1395840810 | 2024-12-14T17:24:54.841270
5001 / tcp

-795948505 | 2024-12-28T07:58:08.097966
33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

174.138.35.184

Last Seen: 2025-01-08

Tags:

GeneralInformation

Vulnerabilities All ports Port 22 Port 80 Port 443 Latest CVSS

OpenPorts

1788140687 | 2024-12-25T03:56:09.345492 22 / tcp

OpenSSH7.4

-1836475360 | 2025-01-07T14:04:38.913277 80 / tcp

nginx1.20.1

-1345205424 | 2025-01-08T01:56:35.906426 111 / tcp

-1345205424 | 2025-01-08T11:54:38.607025 111 / udp

-616353752 | 2025-01-04T15:26:28.638459 443 / tcp

nginx1.20.1

1342247460 | 2025-01-07T18:25:01.206404 3306 / tcp

MySQL8.0.33-25

1395840810 | 2024-12-14T17:24:54.841270 5001 / tcp

-795948505 | 2024-12-28T07:58:08.097966 33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

Vulnerabilities

1788140687 | 2024-12-25T03:56:09.345492
22 / tcp

-1836475360 | 2025-01-07T14:04:38.913277
80 / tcp

-1345205424 | 2025-01-08T01:56:35.906426
111 / tcp

-1345205424 | 2025-01-08T11:54:38.607025
111 / udp

-616353752 | 2025-01-04T15:26:28.638459
443 / tcp

1342247460 | 2025-01-07T18:25:01.206404
3306 / tcp

1395840810 | 2024-12-14T17:24:54.841270
5001 / tcp

-795948505 | 2024-12-28T07:58:08.097966
33060 / tcp