GeneralInformation

Hostnames	ec2-3-121-131-87.eu-central-1.compute.amazonaws.com status.ordercast.me
Domains	amazonaws.com ordercast.me
Cloud Provider	Amazon
Cloud Region	eu-central-1
Cloud Service	EC2
Country	Germany
City	Frankfurt am Main
Organization	A100 ROW GmbH
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 443 3001 8080 9000 50000

-2122426147 | 2024-08-31T09:35:10.893654

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZlNiOievgKRZnK2NB7qy62
TS0f4Jkv1GtpGMcDj+PHIDXRhJ5RTZclvGBpIeT8RoVF+q8GbyYZr8rMpL73xCY=
Fingerprint: 44:e6:4b:39:f4:a7:46:02:93:c2:5d:36:46:d9:2d:e4

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-09-12T04:22:46.908568

80 / tcp

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 12 Sep 2024 04:22:46 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 13 Jul 2022 07:07:24 GMT
Connection: keep-alive
ETag: "62ce6f2c-264"
Accept-Ranges: bytes

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

0 | 2024-09-17T20:13:04.084693

443 / tcp

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:0a:0a:5f:ef:e7:de:f0:60:bd:88:60:f4:58:50:b0:b7:bb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Jul 25 20:18:50 2024 GMT
            Not After : Oct 23 20:18:49 2024 GMT
        Subject: CN=status.ordercast.me
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ab:7c:b9:11:04:5c:1d:0d:3c:fe:bd:96:2e:e3:
                    db:2c:01:6d:60:7a:c9:18:65:73:25:38:44:a1:ef:
                    1c:92:cf:3e:32:19:e1:e5:28:7a:21:fc:25:dc:67:
                    d6:e8:d4:68:12:1a:79:3a:58:f5:37:66:f4:da:64:
                    6a:51:30:01:6c:d3:31:e2:eb:9e:dd:8d:66:99:41:
                    c7:e4:4a:4b:a9:ec:12:07:7b:ab:8b:f6:a3:92:f0:
                    bb:85:6b:1e:5a:86:44:fb:de:f2:ce:d8:17:95:31:
                    ea:23:42:6e:ef:ac:8c:2a:2d:1b:01:08:b6:37:18:
                    48:ab:da:78:59:b0:2a:51:2a:61:22:bf:2e:fc:e2:
                    11:d3:e5:3c:21:dd:5f:2d:bc:cc:e1:8a:67:9e:73:
                    9a:8a:c3:e8:72:08:98:07:d5:ee:5b:fa:69:7b:9d:
                    cf:3a:8a:76:03:ad:0c:99:25:ed:bf:41:5c:c8:6e:
                    cd:6c:ef:f4:8f:26:c9:2f:93:0a:29:07:4b:79:1c:
                    cd:be:63:7e:6e:54:c7:40:88:74:32:9d:52:a9:bb:
                    0f:74:c7:7f:e3:a1:4b:a0:a0:d6:31:2a:e8:a1:bb:
                    42:c0:ad:67:73:74:c7:9c:88:92:8e:1b:14:19:c9:
                    31:b0:c1:9f:4e:86:67:c3:32:0e:88:89:4c:e9:87:
                    96:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                27:15:FB:C2:E6:64:7F:06:6A:3E:A9:B9:BD:AF:91:D8:C4:DE:EA:9A
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:status.ordercast.me
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Jul 25 21:18:50.127 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2C:14:1F:B8:3F:C1:CC:C1:03:46:A8:F3:
                                31:8E:70:E5:C9:06:4C:E8:27:E8:58:6C:8F:BD:67:D7:
                                B1:C0:03:74:02:20:31:72:A2:8F:97:F4:CF:70:FF:B5:
                                98:A3:B1:F2:16:11:D6:B5:DD:64:31:AD:CB:7B:4E:53:
                                99:3F:B3:34:BD:9F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Jul 25 21:18:50.126 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F5:0D:46:09:B8:B8:A6:C4:2B:1A:26:
                                68:5C:E9:72:E8:F6:9D:E0:E6:7D:D5:51:D5:FF:D0:C6:
                                CB:FB:C1:E0:74:02:21:00:96:4B:E3:92:6C:92:06:DE:
                                FC:12:CA:74:61:7C:4E:0D:7E:25:44:80:F2:E2:18:30:
                                16:A2:C0:94:D4:57:35:C2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        64:63:75:ed:59:05:99:d6:6d:95:5d:f4:44:e6:b0:21:81:de:
        51:a6:2b:a8:3c:f7:39:5b:99:c8:8e:67:8d:ba:a8:73:20:ac:
        ed:56:d4:60:e3:3a:36:d5:e0:01:50:f4:2f:0d:b7:df:22:c7:
        4d:d3:e6:d0:56:4e:92:f3:77:4f:a7:ff:c5:6c:2b:7e:6f:37:
        1c:f6:64:92:d8:dc:ef:50:28:0b:53:f8:c5:ac:39:c4:38:e0:
        71:9e:c4:d0:f1:58:45:ba:2b:d9:30:bd:76:12:39:73:cc:1e:
        46:9f:24:80:0b:b1:fd:c5:f5:c4:59:89:8e:59:3f:db:53:23:
        4c:3e:49:cf:c9:a8:2f:57:c1:35:f5:de:48:04:8c:dd:f2:c2:
        7b:86:74:69:95:86:76:f2:b2:15:e8:0e:52:c6:5b:97:4d:33:
        3f:73:7c:e6:31:5d:e2:64:01:9c:e9:c4:57:fb:9f:2b:df:da:
        99:25:ee:3e:5c:64:a2:5d:73:b2:17:b8:97:2f:ec:67:c0:db:
        dd:08:20:60:aa:25:68:60:11:11:2a:75:01:21:13:e5:fe:6c:
        dc:33:f1:be:34:66:8b:55:73:43:8c:a4:b7:a9:99:99:3a:be:
        d6:7f:cd:fe:30:24:d6:aa:99:f2:b5:27:b4:55:85:59:bc:51:
        57:d3:26:1b

-1246004407 | 2024-09-18T02:25:21.426652

3001 / tcp

HTTP/1.1 400 Bad Request
Connection: close

-567194451 | 2024-09-03T01:12:59.145015

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 03 Sep 2024 01:12:59 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.83987726=node0ltt4xns8te81hohcmjf49upn6621.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.346.1
X-Jenkins-Session: 564a0cb9
Content-Length: 541
Server: Jetty(9.4.45.v20220203)

CVE-2024-23897 CVE-2022-2048 CVE-2022-2047 CVE-2023-44487 CVE-2023-41900 5 moreCVE-2023-40167 CVE-2023-36479 CVE-2023-36478 CVE-2023-26049 CVE-2023-26048

1052382142 | 2024-09-11T01:18:29.466295

9000 / tcp

HTTP/1.1 400 Bad Request
Date: Wed, 11 Sep 2024 01:18:29 GMT
x-amzn-RequestId: 71d4cbca-7859-4e48-b82b-a791e8ab9765
Content-Type: application/x-amz-json-1.0
Content-Length: 173
Server: Jetty(9.4.48.v20220622)

{"__type":"com.amazonaws.dynamodb.v20120810#MissingAuthenticationToken","Message":"Request must contain either a valid (registered) AWS access key ID or X.509 certificate."}

-1382470638 | 2024-08-31T20:42:35.557622

50000 / tcp

HTTP/1.0 200 OK
Content-Type: text/plain;charset=UTF-8

Jenkins-Agent-Protocols: JNLP4-connect, Ping
Jenkins-Version: 2.346.1
Jenkins-Session: 564a0cb9
Client: 224.151.29.153
Server: 172.16.100.138
Remoting-Minimum-Version: 3.14

3.121.131.87

Last Seen: 2024-09-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2122426147 | 2024-08-31T09:35:10.893654
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.10

1651973090 | 2024-09-12T04:22:46.908568
80 / tcp

nginx1.18.0

0 | 2024-09-17T20:13:04.084693
443 / tcp

-1246004407 | 2024-09-18T02:25:21.426652
3001 / tcp

-567194451 | 2024-09-03T01:12:59.145015
8080 / tcp

Jenkins2.346.1

1052382142 | 2024-09-11T01:18:29.466295
9000 / tcp

Jetty

-1382470638 | 2024-08-31T20:42:35.557622
50000 / tcp

Products

Pricing

Contact Us

3.121.131.87

Last Seen: 2024-09-18

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 8080 Latest CVSS

OpenPorts

-2122426147 | 2024-08-31T09:35:10.893654 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.10

1651973090 | 2024-09-12T04:22:46.908568 80 / tcp

nginx1.18.0

0 | 2024-09-17T20:13:04.084693 443 / tcp

-1246004407 | 2024-09-18T02:25:21.426652 3001 / tcp

-567194451 | 2024-09-03T01:12:59.145015 8080 / tcp

Jenkins2.346.1

1052382142 | 2024-09-11T01:18:29.466295 9000 / tcp

Jetty

-1382470638 | 2024-08-31T20:42:35.557622 50000 / tcp

Products

Pricing

Contact Us

Vulnerabilities

-2122426147 | 2024-08-31T09:35:10.893654
22 / tcp

1651973090 | 2024-09-12T04:22:46.908568
80 / tcp

0 | 2024-09-17T20:13:04.084693
443 / tcp

-1246004407 | 2024-09-18T02:25:21.426652
3001 / tcp

-567194451 | 2024-09-03T01:12:59.145015
8080 / tcp

1052382142 | 2024-09-11T01:18:29.466295
9000 / tcp

-1382470638 | 2024-08-31T20:42:35.557622
50000 / tcp