GeneralInformation

Hostnames	chat.callzap.com.br painel.callzap.com.br ip213.ip-66-70-170.net
Domains	callzap.com.br ip-66-70-170.net
Country	Canada
City	Montréal
Organization	OVH Hosting, Inc.
ISP	OVH SAS
ASN	AS16276
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 443 3000 4000 5000

22 / tcp

567016440 | 2025-03-17T14:16:09.293323

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC1lhock0DNr6JOHhGf5aJyIdMgeIqqp8P7KUBYg4Y0TTIb
3nbgnQtBhWNXakiJYgmAtXEeCSha0Cg5WVx5wOAduI7x+nf+0ICInlybL1ccQ9FEveB/oOgPr3V+
dVFmudM7MiiJVgnY1jFEn+8nHL8vHljZCfMAcG8nCwSy86bUkJkqMiWIRZU1WKaGZMfM+gbbd58/
ipAxACPkR/m7jNHEA7tTezmV8IUbih5DEFSbQTsAG2kD5ZJIJaqi+7km+mb94YE3OUi8AOvUpuFA
86yh6s/A4x8y/TusVzDJCV5giv5xyLuzp1zgBoVzxJY6XSgTwjGggy0yzqqEozsz+agMDs0fTWs3
aKX2d8Ad5jkxQAfi3Wl//p9VMGOb9V2feo9jxNQW5r08K6ChZ5AlcMcGoPRY7Zw6eergKu1+j1O3
9uoq6ouFAxxVzHHoxxh8imjBuL5l/1w0YLpDoR8qkgXOEVtsjw+Bg8K5tVTiz7uO7NUXhgV/x7KG
nZVbv7gKVLU=
Fingerprint: 0c:94:91:8e:90:c0:84:08:31:e7:93:44:a5:bb:5a:4d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

443 / tcp

1910207149 | 2025-02-28T17:14:50.315564

Hashes

hash

-1719683543

http.dom_hash

-2006505642

http.html_hash

1910207149

http.server_hash

967792298

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 28 Feb 2025 17:14:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 23
Connection: keep-alive
X-Powered-By: Express
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
ETag: W/"17-bqIm6pxC4cx+ZoszvXxsClwgWw8"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:a4:ff:20:4b:4f:af:17:b5:ec:79:f5:71:e0:5c:24:d4:d3
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E6
        Validity
            Not Before: Jan 18 12:41:13 2025 GMT
            Not After : Apr 18 12:41:12 2025 GMT
        Subject: CN=painel.callzap.com.br
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:62:6b:b0:1e:1f:d9:20:0a:52:5b:fa:47:0a:aa:
                    44:d9:fc:6a:d7:cb:34:ef:6d:8c:01:a1:93:63:f3:
                    61:72:db:fe:86:f0:d9:ef:1f:b0:4a:19:8d:ad:95:
                    ab:79:f2:cb:75:23:72:ee:6f:2d:7d:6e:d0:fb:4f:
                    6f:cc:60:3d:d7
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E9:C2:F0:4A:E7:DB:44:B5:B9:95:C6:91:DE:B8:D6:C0:60:9E:8D:9C
            X509v3 Authority Key Identifier: 
                93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
            Authority Information Access: 
                OCSP - URI:http://e6.o.lencr.org
                CA Issuers - URI:http://e6.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:chat.callzap.com.br, DNS:painel.callzap.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Jan 18 13:39:43.403 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7A:C9:5D:4C:D1:51:5D:B0:DD:9A:9F:A6:
                                CA:07:58:C4:CB:1A:4A:39:FB:60:92:90:7B:F3:05:B6:
                                90:C8:99:8F:02:20:13:08:94:DC:80:F6:F8:6B:96:2D:
                                4C:E5:F2:83:B6:91:B4:8A:66:89:89:56:42:D9:5A:1E:
                                1C:C4:86:C9:53:C7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 18 13:39:43.391 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:29:7F:6A:30:11:CD:B1:91:43:B4:B7:D4:
                                19:DE:5E:8C:ED:CF:E7:5B:B1:C2:89:68:73:0E:95:98:
                                9D:29:AB:5A:02:21:00:D5:8E:19:38:6E:69:52:B7:16:
                                9A:EA:2B:90:DD:CB:2C:B4:A6:19:0A:44:E3:55:B5:1F:
                                AB:02:B9:21:98:79:40
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:ca:9f:5b:26:19:a9:c6:89:c5:14:70:84:7f:
        74:c9:5d:56:48:52:94:7d:47:82:79:4f:8e:45:0f:dd:87:aa:
        31:08:0f:34:87:5d:95:ad:22:54:60:d2:a1:11:77:ed:2f:02:
        30:7d:f6:65:45:86:8d:c5:42:5c:be:5e:ea:80:71:9e:be:1f:
        63:a3:ee:f4:dc:ef:a9:93:9d:c2:0c:e7:0e:11:c9:37:f3:7c:
        1f:de:c1:0b:6c:d7:fc:63:5d:40:8b:9e:0b

Vulnerabilities

3000 / tcp

1062165027 | 2025-02-27T12:36:19.647925

Hashes

hash

-921057137

http.dom_hash

2121507914

http.favicon.hash

-1632313241

http.html_hash

1062165027

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 26 Dec 2024 15:23:42 GMT
ETag: W/"13ff-194039103d0"
Content-Type: text/html; charset=UTF-8
Content-Length: 5119
Date: Thu, 27 Feb 2025 12:36:19 GMT
Connection: keep-alive
Keep-Alive: timeout=5

4000 / tcp

-1246004407 | 2025-02-21T02:28:59.967638

HTTP/1.1 400 Bad Request
Connection: close

66.70.170.213

Last Seen: 2025-03-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

567016440 | 2025-03-17T14:16:09.293323

OpenSSH8.2p1 Ubuntu 4ubuntu0.11

443 / tcp

1910207149 | 2025-02-28T17:14:50.315564

Hashes

nginx1.18.0

3000 / tcp

1062165027 | 2025-02-27T12:36:19.647925

Hashes

4000 / tcp

-1246004407 | 2025-02-21T02:28:59.967638

Products

Pricing

Contact Us

66.70.170.213

Last Seen: 2025-03-17

Tags:

GeneralInformation

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

22 / tcp 567016440 | 2025-03-17T14:16:09.293323

OpenSSH8.2p1 Ubuntu 4ubuntu0.11

443 / tcp 1910207149 | 2025-02-28T17:14:50.315564

Hashes

nginx1.18.0

3000 / tcp 1062165027 | 2025-02-27T12:36:19.647925

Hashes

4000 / tcp -1246004407 | 2025-02-21T02:28:59.967638

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

567016440 | 2025-03-17T14:16:09.293323

443 / tcp

1910207149 | 2025-02-28T17:14:50.315564

3000 / tcp

1062165027 | 2025-02-27T12:36:19.647925

4000 / tcp

-1246004407 | 2025-02-21T02:28:59.967638