GeneralInformation

Hostnames	sportstracklive.production.isee-u.fr admin.sportstracklive.production.isee-u.fr api.sportstracklive.production.isee-u.fr www.sportstracklive.production.isee-u.fr
Domains	isee-u.fr
Country	France
City	Strasbourg
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

WebTechnologies

Operating systems

Ubuntu

Reverse proxies

Nginx1.18.0

Web servers

Nginx1.18.0

Phusion Passenger6.0.18

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

589765266 | 2024-04-28T19:16:52.368637

80 / tcp

HTTP/1.1 301 Moved Permanently
server: nginx/1.18.0 (Ubuntu)
date: Sun, 28 Apr 2024 19:16:52 GMT
content-type: text/html
content-length: 178
location: https://api.sportstracklive.com/
x-iplb-request-id: CF5AF402:C100_894A7F8F:0050_662EA0A4_8AC3:1B4D
x-iplb-instance: 53763
set-cookie: SERVERID168167=b3099b6a|Zi6gp|Zi6gp; path=/; HttpOnly
cache-control: private

1296075293 | 2024-04-30T06:04:07.418887

443 / tcp

HTTP/1.1 404 Not Found
content-type: text/html; charset=UTF-8
content-length: 1722
status: 404 Not Found
vary: Origin
x-request-id: d510a629-58d6-4eda-8baa-678fcfc31765
x-runtime: 0.003520
date: Tue, 30 Apr 2024 06:04:07 GMT
x-powered-by: Phusion Passenger(R) 6.0.18
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.18
x-iplb-request-id: B98EEC29:B0DE_894A7F8F:01BB_663089D6_67F00:1EC3
x-iplb-instance: 53763
set-cookie: SERVERID168167=3ad86b17|ZjCJ2|ZjCJ2; path=/; HttpOnly
cache-control: private

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:52:8a:cb:3f:98:2c:6b:34:87:1c:0b:21:c5:0f:e2:14:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar  2 04:04:29 2021 GMT
            Not After : May 31 04:04:29 2021 GMT
        Subject: CN=api.sportstracklive.production.isee-u.fr
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:e4:37:8a:88:4a:cc:64:d3:ff:7d:71:20:aa:81:
                    40:36:80:93:63:a0:0a:34:a3:1a:46:92:f6:98:74:
                    7a:0b:76:db:ab:dc:e3:51:51:96:f4:fb:7f:d3:6d:
                    1a:5a:cd:09:8c:d2:03:23:52:a3:88:f6:11:cb:9b:
                    f4:0d:29:d2:23:d8:7d:01:dd:fe:b7:c5:93:62:43:
                    79:14:8f:68:c7:b5:88:a4:ed:03:42:52:db:af:05:
                    0c:9d:88:6f:cc:1e:cb:54:96:fa:c6:d3:e9:4e:e4:
                    26:71:18:51:c9:d3:42:fd:11:a9:90:ec:37:59:b3:
                    5f:be:ac:a5:09:14:bc:da:23:1f:b6:93:89:ef:da:
                    dc:a9:95:25:f5:48:05:9f:87:ed:c5:a2:07:f6:1b:
                    e7:5f:f9:a5:a4:d4:99:4a:8d:83:9e:7d:bf:33:a7:
                    84:8d:fc:c7:b2:9d:e6:bc:5b:f8:30:10:55:43:07:
                    c2:8b:1b:17:64:9c:cd:5d:68:87:60:98:1b:2b:4f:
                    f1:a2:2d:9b:d5:7c:8f:72:fb:ef:a8:8f:8b:f1:6e:
                    0d:81:52:68:9c:58:be:ed:80:e9:16:4c:43:8b:b4:
                    e6:94:44:c3:a9:87:98:a2:98:2e:78:4a:5d:e8:58:
                    5e:e2:c6:39:9e:fe:f3:01:1a:7a:e2:84:f7:3d:c9:
                    11:df:69:8d:c8:73:ac:d5:83:7c:f6:7b:eb:70:20:
                    45:17:f2:32:ff:de:3f:2c:63:74:af:e2:6d:b1:11:
                    a7:38:59:1b:f6:f2:c4:3e:b9:f7:e5:8b:39:8a:05:
                    64:05:5c:21:04:a2:a6:e4:40:84:d2:f3:8c:7c:02:
                    8c:dc:1a:43:a4:89:3e:d2:01:33:2b:13:85:4f:d8:
                    ba:74:a9:f4:89:54:bd:38:16:6a:81:cd:25:3b:8e:
                    88:56:08:4c:88:0a:57:f6:36:c3:be:0d:56:c6:9d:
                    7a:30:d8:6c:c5:34:4e:dd:03:73:6b:bd:a2:97:47:
                    60:ff:59:c3:54:f5:fc:3b:c9:5f:b5:b2:e7:30:c9:
                    59:79:08:83:4e:a9:ab:ac:5a:3a:0d:04:38:3e:26:
                    c0:6a:8a:3f:b6:9c:9f:da:5b:11:da:37:56:ec:af:
                    5c:8f:7d:9f:ae:92:a8:b2:3e:6c:e4:13:4d:97:0a:
                    6b:97:65:33:4c:43:cb:74:f9:2b:47:3c:00:2c:88:
                    a2:01:6b:fe:18:eb:14:21:02:da:d5:80:28:1b:7a:
                    50:2e:66:60:81:ae:ca:c9:e1:39:b7:60:1e:7c:21:
                    81:02:7a:51:44:9a:5f:6c:da:b8:99:77:b2:32:a2:
                    f6:4e:77:9c:0f:ce:21:16:b8:9d:75:ca:17:70:f2:
                    b9:0d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                5D:0F:84:C8:69:79:DD:8B:6B:7F:E5:1C:1E:EC:62:42:BB:32:BD:A3
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:admin.sportstracklive.production.isee-u.fr, DNS:api.sportstracklive.production.isee-u.fr, DNS:sportstracklive.production.isee-u.fr, DNS:www.sportstracklive.production.isee-u.fr
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
                                D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
                    Timestamp : Mar  2 05:04:29.936 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:97:B9:88:CF:4F:FA:3B:28:16:94:F8:
                                48:54:C8:93:BF:CD:08:36:8C:8E:AF:A7:8F:F8:75:C3:
                                43:44:32:FB:B2:02:20:75:FA:67:3A:AC:92:9C:AC:BB:
                                C3:F7:A2:96:7A:27:B1:2B:39:2C:05:14:10:2A:4C:AC:
                                4B:E9:9E:17:14:5D:37
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
                                79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
                    Timestamp : Mar  2 05:04:29.978 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:85:F2:DC:D9:41:B9:C7:37:BA:DA:24:
                                6B:10:0E:A2:04:5D:35:13:E7:50:03:56:A5:50:C4:9D:
                                97:81:E4:8A:6A:02:20:67:8C:03:65:F9:AE:0B:47:D0:
                                5F:43:6A:9D:3F:B5:75:73:E5:D4:C9:ED:B3:C1:8A:66:
                                0F:3B:CB:A7:28:80:03
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        29:5b:3e:f2:53:0d:8a:f5:d0:ad:b6:b0:40:2c:ec:cd:21:60:
        7a:a7:47:3f:95:40:84:3c:e8:07:fb:20:47:fd:16:ab:83:74:
        e2:58:35:d3:9f:b9:08:fa:a6:97:bb:11:c2:a3:12:f9:33:08:
        20:91:a5:2f:8e:c3:2f:b2:4c:b1:b6:ec:d6:24:3f:73:04:b6:
        d7:d3:8b:fb:a5:d7:78:4e:e4:c8:50:64:c6:7c:14:dd:26:ec:
        1b:dc:a7:a4:05:63:e6:ce:84:73:fa:ac:ea:78:59:7c:8d:be:
        b3:3f:4e:13:26:19:b7:3e:75:33:e7:f3:dc:93:0a:97:15:df:
        69:69:eb:40:29:7a:61:71:5a:78:60:d1:1d:4c:88:e0:e9:4a:
        d8:a4:57:37:bc:92:1e:28:8a:97:87:8f:6a:46:08:69:5d:5d:
        44:fc:28:fa:cc:9c:e8:9a:42:4d:95:73:49:a9:3c:20:84:a4:
        b2:c7:15:7f:90:b9:b4:e2:d0:e2:14:04:db:d6:25:af:76:0f:
        2c:14:4c:03:3c:96:41:b4:39:75:01:4d:1f:ed:34:2e:67:4f:
        be:3d:cc:03:b0:0c:3d:cb:6b:9f:24:6b:20:9a:3c:6a:66:b6:
        81:78:fb:7c:62:22:be:8e:5d:bb:ca:31:58:c7:4a:27:d4:9a:
        ec:f7:a6:e8

137.74.127.143

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

589765266 | 2024-04-28T19:16:52.368637
80 / tcp

nginx1.18.0

1296075293 | 2024-04-30T06:04:07.418887
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

137.74.127.143

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

589765266 | 2024-04-28T19:16:52.368637 80 / tcp

nginx1.18.0

1296075293 | 2024-04-30T06:04:07.418887 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

589765266 | 2024-04-28T19:16:52.368637
80 / tcp

1296075293 | 2024-04-30T06:04:07.418887
443 / tcp