GeneralInformation

Hostnames	kodo.io hapi-01.kodo.io www.kodo.io
Domains	kodo.io
Country	Netherlands
City	Amsterdam
Organization	TRANSIP
ISP	Signet B.V.
ASN	AS20857

WebTechnologies

CDN

Font scripts

JavaScript graphics

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

772258679 | 2024-05-02T16:36:31.950270

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Thu, 02 May 2024 16:36:29 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://kodo.io/

136435350 | 2024-05-02T17:30:59.019478

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 02 May 2024 17:30:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.2.18

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c9:ea:1d:eb:56:99:e4:ff:5c:b1:cd:84:70:b3:d8:61:46
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 15 02:18:18 2024 GMT
            Not After : Jul 14 02:18:17 2024 GMT
        Subject: CN=kodo.io
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:da:17:7b:b8:6b:f3:9f:5e:aa:1b:f1:f5:2c:de:
                    d8:1a:14:04:1c:47:b0:35:c5:27:05:63:8a:58:44:
                    b2:0d:1a:a2:3a:0e:b4:ef:a7:53:43:4c:c5:67:c7:
                    7b:5e:1d:2c:a6:58:62:33:f3:4c:b8:82:c5:17:20:
                    6f:59:27:15:16:ac:aa:b0:5d:39:0a:b7:06:e7:cf:
                    ee:c4:5a:8d:71:8a:86:2c:c8:70:d1:f4:d7:4e:19:
                    83:6d:d4:04:41:3a:3a:69:fc:48:b0:a3:6a:72:9a:
                    8c:d7:b4:5e:d6:9f:63:08:94:49:3f:ab:35:9b:e9:
                    7c:d2:5a:27:ee:de:f5:a9:fd:e1:33:d2:88:a4:ad:
                    00:1e:43:bc:80:94:7b:27:b0:3b:38:eb:de:37:e1:
                    09:81:aa:36:17:bd:30:31:88:67:e2:3e:a9:ee:63:
                    ac:77:5e:ab:41:b7:57:ac:2d:de:05:bf:5c:26:6b:
                    33:b8:c0:94:4f:c3:6e:49:7d:7c:44:07:2d:df:dd:
                    a9:8e:91:f1:6e:2b:4f:04:91:09:7d:42:d5:38:c1:
                    b3:d9:87:08:d8:82:7d:0d:eb:92:33:3c:09:59:54:
                    ed:27:1c:ed:5f:58:7b:2c:34:a5:5e:ca:85:ee:d6:
                    e8:0b:61:d9:49:bb:89:06:86:37:1f:89:bb:c6:08:
                    dd:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                C4:12:18:DC:BD:62:E9:02:A0:2A:9E:E6:B0:00:7D:F2:80:6F:65:DB
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:kodo.io, DNS:www.kodo.io
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 15 03:18:18.438 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5D:9D:A1:89:70:6E:5C:F2:1F:44:C0:04:
                                61:8D:4F:1D:CC:99:A7:78:EE:1C:12:83:0F:8F:23:63:
                                40:33:50:CF:02:20:43:15:AB:D5:25:16:1C:E2:AC:6F:
                                EF:CF:56:3C:1B:21:64:A9:14:0E:2F:89:8B:60:7C:B3:
                                22:0F:18:65:35:17
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 15 03:18:18.467 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:85:1C:D0:6B:73:33:13:24:D2:F5:
                                8E:91:05:9B:60:05:1F:69:15:7B:83:A9:E7:6F:F7:9A:
                                92:80:CB:38:46:02:20:17:B8:95:68:64:EA:FC:44:85:
                                22:88:0A:DD:91:D6:DC:90:4E:FA:14:E4:23:2F:D0:C8:
                                8D:B7:42:B5:B3:A1:6A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1b:66:ed:b8:53:fd:b6:8e:4c:f8:a3:12:12:73:a6:1a:27:53:
        c3:cc:51:aa:9f:ea:45:a5:3b:91:88:a2:4d:8a:93:6f:8f:63:
        45:a6:d9:8b:3b:19:99:80:1c:15:a2:84:34:df:13:ed:9b:41:
        ca:ba:e1:71:d4:91:b7:43:d6:c5:97:fa:f4:6d:ec:4f:b9:ad:
        fe:63:97:a1:47:1f:43:83:30:ca:c5:a9:4f:bb:8a:1e:bc:0c:
        98:fe:1e:3d:51:08:5c:43:0d:51:a8:07:89:77:92:e1:32:b3:
        be:9e:a2:ce:c9:3d:9d:09:58:e9:2d:f5:32:0e:2f:55:d7:64:
        aa:96:6e:b0:31:4a:46:92:ef:2a:39:97:12:87:6c:1e:5d:73:
        eb:28:f1:2e:5b:ef:a8:e4:dc:a4:47:c4:ad:4d:93:b7:36:75:
        61:69:9e:0e:8f:85:9f:b1:f0:55:f3:06:76:15:34:0e:17:67:
        24:45:a8:ba:6f:21:42:ee:60:99:a2:66:1e:50:28:df:05:b5:
        41:52:86:02:0d:c7:ff:ff:f1:6b:12:95:6f:81:23:aa:fa:06:
        d6:3d:ee:c9:9f:47:51:82:20:c1:8e:82:c4:07:5b:39:08:99:
        e2:7b:f5:37:21:dd:b4:f8:a2:f2:06:55:18:3b:e5:56:af:34:
        1e:df:a9:ad

136.144.144.38

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

772258679 | 2024-05-02T16:36:31.950270
80 / tcp

nginx1.20.1

136435350 | 2024-05-02T17:30:59.019478
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

136.144.144.38

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

772258679 | 2024-05-02T16:36:31.950270 80 / tcp

nginx1.20.1

136435350 | 2024-05-02T17:30:59.019478 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

772258679 | 2024-05-02T16:36:31.950270
80 / tcp

136435350 | 2024-05-02T17:30:59.019478
443 / tcp