GeneralInformation

Hostnames	ec2-23-20-193-167.compute-1.amazonaws.com api-development.servidata.com.co
Domains	amazonaws.com servidata.com.co
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Data Services NoVa
ISP	Amazon.com, Inc.
ASN	AS14618
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443

22 / tcp

1924308440 | 2025-02-26T17:53:36.008309

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.11
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMpzb97N5ia0p1yxIZ38UGSs
15auTArqArvquyzDfmq29YEvEAYqUNzHTYGmzzgmKkzkeF/WpDKW0LZwyeH0C1M=
Fingerprint: 88:33:5b:7b:de:c7:45:5c:d3:42:e5:b9:28:42:ce:28

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

1651973090 | 2025-03-13T18:05:16.087770

Hashes

hash

-1032228214

http.dom_hash

-2049760045

http.html_hash

1651973090

http.server_hash

967792298

http.title_hash

911614014

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 13 Mar 2025 18:05:15 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 11 Dec 2024 19:58:40 GMT
Connection: keep-alive
ETag: "6759eef0-264"
Accept-Ranges: bytes

Vulnerabilities

443 / tcp

1413768916 | 2025-03-14T05:00:29.648933

Hashes

hash

1195683027

http.dom_hash

1494509923

http.html_hash

1413768916

http.server_hash

967792298

http.title_hash

324767378

DisallowedHost at /

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 14 Mar 2025 05:00:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Vary: Origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ab:84:7f:59:ee:6a:f7:50:a9:dd:0e:48:14:e4:43:eb:6a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Feb  9 20:04:47 2025 GMT
            Not After : May 10 20:04:46 2025 GMT
        Subject: CN=api-development.servidata.com.co
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c0:94:50:b4:c6:72:60:cd:f2:a6:68:b3:cc:b3:
                    2e:df:91:c4:25:9d:7d:d2:27:03:14:07:76:d4:1c:
                    b9:d5:cc:2a:3f:fa:58:90:0a:cb:52:cf:3d:e8:93:
                    a9:2b:69:3c:8b:7a:24:cb:66:3c:be:56:e5:ab:1f:
                    20:3b:6d:7f:93:c4:fc:8d:4e:9b:db:07:94:f7:6c:
                    aa:aa:95:98:42:e9:86:d8:31:70:0b:b4:71:79:d4:
                    9c:82:f2:ad:f3:16:a7:07:5f:77:5b:21:a7:98:a9:
                    7f:97:fc:25:d3:e4:35:7c:44:71:55:fc:da:e3:f0:
                    83:90:08:d8:52:70:ce:62:b8:b2:4d:3f:55:1b:35:
                    a2:be:55:23:e6:34:e7:7b:6f:8f:98:c4:48:9e:33:
                    e4:d4:c9:84:30:b1:75:fb:93:43:10:17:ae:10:b5:
                    f3:ae:51:70:b3:c1:74:5c:16:37:a1:c7:85:df:a0:
                    e5:00:8d:98:80:00:52:88:52:37:38:33:3e:bd:17:
                    9d:30:26:a2:23:fe:e7:5a:83:d3:b7:c2:f6:7a:3e:
                    39:75:1c:27:e7:6a:6b:25:70:8a:dc:9c:62:96:bc:
                    40:c2:af:76:8a:08:af:c6:1e:dc:e1:0f:81:e4:75:
                    b6:97:a0:6a:26:fc:f2:e9:b7:4c:11:a1:e6:58:43:
                    b3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                4F:D2:05:FF:29:94:E9:09:65:6C:67:FF:4C:C3:DE:8F:44:66:45:E9
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api-development.servidata.com.co
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb  9 21:03:17.263 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2E:9F:1A:A5:39:00:E3:03:B3:40:EF:D7:
                                EF:B9:2B:C6:55:7C:ED:51:3E:97:59:F4:BF:18:4E:A4:
                                D2:FB:54:B4:02:21:00:99:EC:88:44:51:4F:D9:2D:AB:
                                54:2D:68:0C:9A:0F:92:E5:88:C2:44:4D:1B:F8:9C:CD:
                                46:AC:F3:72:5F:3A:A5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Feb  9 21:03:17.331 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:01:B5:DF:C4:41:CC:C0:4E:73:16:69:EF:
                                E5:D6:BC:F0:7D:9B:98:6B:B0:0B:B7:59:36:12:CC:41:
                                70:AE:34:DC:02:21:00:E9:E7:78:D6:79:61:BD:1A:9E:
                                95:99:21:55:C9:96:78:09:FE:C9:C0:DB:8C:00:EE:EA:
                                F7:74:6B:FF:85:75:0E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:56:d9:7c:60:e9:37:1e:32:46:b1:a4:f2:e8:be:f9:d3:cc:
        c9:ca:98:71:8d:e2:5d:b9:9f:7d:f6:6c:df:e8:ab:24:e4:0a:
        f7:15:01:2d:25:f7:e7:2b:1e:54:5c:1a:1a:2b:ea:51:07:78:
        7d:69:7b:c0:33:29:57:6a:98:b5:fb:57:0a:8a:4e:78:c8:07:
        dd:bb:ad:44:d4:ef:16:11:cd:07:6c:6c:28:82:29:60:4e:02:
        d3:a1:52:4e:2f:dc:ae:1d:00:1b:2b:74:25:3b:4b:c4:b9:a9:
        28:f0:c9:5c:b8:43:a2:52:c3:7d:77:cd:c6:b4:92:85:ea:0b:
        f9:e2:b9:f5:c8:b8:70:88:5f:d2:7d:5b:42:5f:db:29:49:05:
        fb:c8:20:c6:84:89:bc:6e:f4:52:4f:2b:8c:2b:56:68:d7:da:
        fa:ff:f5:92:4a:ed:bb:9f:46:9f:86:73:6b:29:d0:57:6c:0b:
        46:27:8b:65:a7:c3:25:36:27:0e:f1:45:7e:80:95:e5:21:4a:
        f6:57:15:61:83:c2:e6:2e:c8:88:cf:60:0c:13:10:49:89:d1:
        24:cb:b4:e1:7e:38:60:1e:b6:76:83:77:20:8f:15:72:5a:c5:
        8d:10:35:50:0e:06:8c:68:83:17:bb:d2:34:86:9c:87:78:92:
        d3:3e:4a:cd

Vulnerabilities

23.20.193.167

Last Seen: 2025-03-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

1924308440 | 2025-02-26T17:53:36.008309

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp

1651973090 | 2025-03-13T18:05:16.087770

Hashes

nginx1.18.0

443 / tcp

1413768916 | 2025-03-14T05:00:29.648933

Hashes

nginx1.18.0

Products

Pricing

Contact Us

23.20.193.167

Last Seen: 2025-03-14

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

22 / tcp 1924308440 | 2025-02-26T17:53:36.008309

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp 1651973090 | 2025-03-13T18:05:16.087770

Hashes

nginx1.18.0

443 / tcp 1413768916 | 2025-03-14T05:00:29.648933

Hashes

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

1924308440 | 2025-02-26T17:53:36.008309

80 / tcp

1651973090 | 2025-03-13T18:05:16.087770

443 / tcp

1413768916 | 2025-03-14T05:00:29.648933