GeneralInformation

Hostnames	comments.app
Domains	comments.app
Country	Netherlands
City	Amsterdam
Organization	Telegram Messenger Network
ISP	Telegram Messenger Inc
ASN	AS62041

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

772258679 | 2024-04-19T21:26:37.860237

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Fri, 19 Apr 2024 21:26:37 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://comments.app/

-528595346 | 2024-04-19T21:26:58.383132

443 / tcp

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Fri, 19 Apr 2024 21:26:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-Host: 149.154.164.13
Pragma: no-cache
Cache-control: no-store
Location: https://core.telegram.org
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c3:ec:7a:54:ec:f8:ed:c8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Apr 11 08:46:17 2024 GMT
            Not After : May 13 08:46:17 2025 GMT
        Subject: CN=*.comments.app
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:a0:c1:c2:73:e8:61:88:56:bb:cf:4a:bb:8b:
                    1c:74:20:07:40:7c:23:37:6e:4d:f8:30:ce:56:01:
                    dd:43:58:9f:2c:dc:89:99:57:9a:60:de:c6:65:da:
                    8a:e1:de:a2:52:68:51:8d:bb:62:bc:42:dd:e8:ee:
                    77:b5:ff:8d:8b:61:d4:e2:76:cb:18:53:20:f3:78:
                    12:b6:18:d9:f5:9a:0e:f6:48:8d:48:15:bd:5c:6f:
                    28:3b:a8:22:f5:12:be:26:f0:b3:4a:00:4a:b7:24:
                    df:31:b0:f0:da:8c:0d:6c:79:09:f1:ec:46:0f:93:
                    89:d5:c2:32:02:3c:58:d6:ec:48:5f:38:d8:80:2f:
                    b8:b6:0b:92:77:2b:2e:71:06:40:50:a5:cd:6c:e4:
                    2f:93:36:fc:40:6b:43:45:c6:c3:24:8d:19:fa:9e:
                    4a:b0:b8:a7:ec:72:0c:fd:b9:cd:4b:c5:a4:32:12:
                    54:6a:bf:a1:16:58:4f:ee:10:da:e4:38:be:66:c5:
                    72:01:c8:cc:37:e0:43:94:a4:77:dc:32:93:4f:55:
                    c0:8b:53:f0:0d:30:a3:78:3f:51:2b:e3:1b:4a:7d:
                    3f:9f:08:1f:d3:f3:f0:a8:52:45:32:d3:7e:c3:b7:
                    8e:a1:2b:57:78:27:08:eb:4f:6d:ed:3f:81:f9:fd:
                    e8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.godaddy.com/gdig2s1-19869.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
            X509v3 Authority Key Identifier: 
                40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
            X509v3 Subject Alternative Name: 
                DNS:*.comments.app, DNS:comments.app
            X509v3 Subject Key Identifier: 
                B0:D8:BE:7F:47:C6:2B:B6:A2:7A:2A:20:6B:48:FB:73:82:5E:BC:E5
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr 11 08:46:18.440 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5B:69:90:9E:60:6D:A4:68:97:0F:DA:AB:
                                16:D0:AE:03:EF:37:88:57:B5:45:78:0E:C7:57:43:DC:
                                E6:F4:7A:97:02:20:47:9E:97:24:6E:D9:93:F9:C5:1A:
                                54:89:D5:41:74:52:AE:C7:BB:C3:87:F4:75:BB:80:32:
                                9F:06:18:B0:38:FA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Apr 11 08:46:19.953 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:17:22:8B:B8:88:B4:F6:57:7C:CB:C5:4F:
                                68:CA:93:22:9F:30:3B:9C:57:2C:8F:08:71:9E:7C:CD:
                                DE:64:67:2A:02:20:2A:8D:BE:50:DA:A1:92:DE:45:93:
                                92:57:0A:C7:0B:F1:A9:DE:17:72:6D:B0:7B:A2:EF:6F:
                                F2:A8:1F:5F:65:EE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Apr 11 08:46:20.073 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B7:47:04:50:2A:38:0A:C4:CD:C6:E8:
                                0B:24:30:B6:26:F6:10:22:DD:8A:F0:7E:FC:F6:41:55:
                                C2:84:0A:1C:61:02:21:00:B7:6B:5F:55:81:8E:B8:1C:
                                70:EA:6E:78:AA:8B:2F:A7:0D:68:F0:E5:12:BB:DB:11:
                                09:7A:C9:2A:85:10:AC:39
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1f:62:09:de:98:5a:93:9e:bb:ad:25:87:17:e3:07:22:bd:fd:
        fa:ce:f2:b7:07:dd:09:c2:58:df:30:6a:75:aa:ac:85:31:92:
        69:6c:72:de:6f:3e:b1:14:c5:f2:a8:d6:24:7a:fb:2b:c2:ca:
        17:65:20:56:98:a4:06:1b:19:60:99:96:d3:73:84:48:fc:69:
        99:47:3a:80:37:ba:39:dc:e5:2c:c1:a5:47:5f:b8:d6:1c:5e:
        2e:36:24:ec:56:ba:24:11:ce:25:07:28:77:1d:c4:a6:b7:7a:
        c2:b8:5b:0c:df:39:9c:25:43:c8:81:42:de:ab:ba:70:f7:c7:
        4c:e2:9a:6a:f8:b0:49:45:3a:93:42:36:6b:a0:75:8d:c7:3e:
        2f:40:a8:d8:e8:5b:2d:be:40:39:20:72:8a:e0:e0:f1:36:f8:
        bb:94:67:8b:f6:15:70:7e:e7:29:e2:8c:d1:d4:ec:47:c2:27:
        14:8c:25:25:a2:bb:bb:17:01:c3:27:dc:cf:22:13:25:4d:a9:
        2c:99:cc:d3:0d:4d:c7:8b:7b:c4:a4:a8:9e:07:c5:dd:95:c8:
        2d:fe:a7:e9:c1:4e:6b:15:c9:cb:c9:85:02:bd:b8:5b:2c:6d:
        3a:f4:70:2f:00:71:36:8c:17:4a:de:18:a2:77:3d:cc:26:4b:
        30:e7:00:93

149.154.164.13

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

772258679 | 2024-04-19T21:26:37.860237
80 / tcp

nginx1.20.1

-528595346 | 2024-04-19T21:26:58.383132
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

149.154.164.13

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

772258679 | 2024-04-19T21:26:37.860237 80 / tcp

nginx1.20.1

-528595346 | 2024-04-19T21:26:58.383132 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

772258679 | 2024-04-19T21:26:37.860237
80 / tcp

-528595346 | 2024-04-19T21:26:58.383132
443 / tcp