GeneralInformation

Hostnames	t.me
Domains	t.me
Country	United States
City	Miami
Organization	Telegram Messenger Network
ISP	Telegram Messenger Inc
ASN	AS59930

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

443

1834375099 | 2024-04-24T05:23:28.897272

443 / tcp

HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 05:23:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-Host: 149.154.175.205
Pragma: no-cache
Cache-control: no-store
Location: https://core.telegram.org
Strict-Transport-Security: max-age=35768000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4353250557255357130 (0x3c69da513b7a12ca)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Oct  6 19:50:31 2023 GMT
            Not After : Nov  6 19:50:31 2024 GMT
        Subject: CN=*.t.me
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:ba:a9:80:90:64:62:fd:3f:76:d8:24:8f:62:
                    ed:54:da:ce:99:c1:33:37:1e:e5:18:43:a1:a0:96:
                    2d:64:94:a6:9f:f7:ec:20:46:1a:44:bb:f8:32:13:
                    20:79:f3:e6:b7:3c:1c:68:3b:c5:4a:73:b7:4c:b3:
                    66:fd:a5:30:a1:f0:43:a3:2f:1c:4b:56:93:3d:55:
                    8e:81:ba:6c:c7:e7:50:87:5e:09:7a:4e:13:45:6c:
                    e7:c1:eb:c7:4a:28:7b:20:d1:16:2f:64:7d:3f:53:
                    dc:c4:27:9f:28:ec:87:58:79:e8:14:90:dc:99:d0:
                    0e:95:00:96:f5:db:bb:c0:88:45:59:00:c3:33:d9:
                    0c:3a:3a:ce:a5:68:b0:e8:11:85:b3:fe:82:3d:38:
                    64:c9:68:33:41:31:05:83:33:b0:87:ec:05:b5:e0:
                    9b:43:2c:ac:14:6b:dc:29:d4:18:63:93:b4:24:f0:
                    25:4f:8e:13:db:fe:e3:cf:6e:2f:7d:21:a9:56:24:
                    8a:97:ce:fc:46:89:f6:b0:17:5c:59:66:de:c6:7e:
                    f2:8c:4f:c5:12:b6:e8:1f:6c:cc:78:be:59:42:59:
                    c0:f0:48:f4:74:a6:6a:55:a0:49:0c:ea:20:c0:be:
                    e1:ac:b4:5e:2b:55:84:01:12:5e:1d:d3:43:2c:5e:
                    4f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.godaddy.com/gdig2s1-9858.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
            X509v3 Authority Key Identifier: 
                40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
            X509v3 Subject Alternative Name: 
                DNS:*.t.me, DNS:t.me
            X509v3 Subject Key Identifier: 
                BA:EC:EB:BF:52:B4:1C:7D:6A:EB:25:37:8A:F2:A1:F4:BE:C7:31:55
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Oct  6 19:50:34.837 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E1:7C:A4:A8:B7:FC:D7:7F:65:35:35:
                                BA:50:C5:77:A3:07:99:C0:9F:7F:3D:65:49:0B:FD:F6:
                                64:B9:AD:89:54:02:20:6D:A6:6B:1E:23:CC:D2:0B:0E:
                                F5:63:4F:FF:8B:CB:DC:91:7B:0C:7F:04:ED:E4:74:4D:
                                D6:CE:26:7F:7C:CD:1D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Oct  6 19:50:35.005 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F2:6D:B6:7E:18:91:A7:62:2C:49:CF:
                                FC:80:5C:C4:5A:AF:F2:74:2B:E8:F3:55:0C:61:85:13:
                                B4:34:06:E1:B7:02:20:72:AB:6E:D1:4F:65:AE:25:16:
                                9E:58:B6:7C:01:1B:F7:34:F3:BA:8A:A2:F8:FD:68:32:
                                70:1F:25:15:4A:76:94
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Oct  6 19:50:35.128 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B9:63:44:E2:58:5B:8F:C2:A5:94:EA:
                                24:34:EE:6D:EF:A9:9E:5D:EB:5D:11:82:2D:8A:83:A3:
                                5C:92:E2:05:7E:02:20:32:A7:84:54:D7:A8:91:07:52:
                                F8:19:FC:8D:6F:51:A3:F7:5B:76:32:ED:84:15:B4:A5:
                                C0:36:5C:B8:1D:6D:3F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4b:8c:4f:67:9c:a3:4e:0b:2e:62:db:b7:4e:6f:b7:a4:1b:36:
        4f:a2:2c:77:6f:e7:cc:6f:1a:97:db:09:07:2b:94:1b:2c:60:
        a9:2f:90:e5:a1:02:d2:b6:cb:d1:f4:6b:b6:1e:db:18:be:83:
        49:f0:e7:a3:23:6f:36:8e:b4:03:0b:d9:ab:ce:b7:33:a0:ee:
        25:7f:89:cf:2e:2e:a2:31:b2:56:f2:5b:8b:26:98:86:4b:45:
        c0:19:df:42:6e:d6:f7:2e:17:a3:a7:05:9f:0c:5e:d7:f1:a5:
        96:d1:48:82:10:11:71:e1:d8:04:4a:ce:21:dd:0f:49:9a:b4:
        9c:a1:a6:17:cd:3d:34:e3:b7:c7:0f:12:93:6d:1b:b6:3e:44:
        ca:ff:1f:fb:56:07:e7:ce:c6:02:38:5e:be:ce:8f:46:cb:46:
        4a:82:c8:e2:7b:44:43:62:50:67:a1:01:87:ac:40:d8:c7:7f:
        a7:f5:0f:0b:3e:d9:01:e2:69:aa:67:fe:9d:a8:f1:51:e3:eb:
        9c:35:4e:df:99:dc:2a:6c:08:f1:ce:0c:65:b6:6a:c4:96:5d:
        64:bd:e8:05:d6:bc:5b:1b:6f:b2:05:61:a7:b8:bc:02:1a:d7:
        39:be:ac:5a:32:54:21:ae:51:3a:2d:0a:f8:45:48:47:56:b5:
        1b:68:82:9b

149.154.175.205

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1834375099 | 2024-04-24T05:23:28.897272
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

149.154.175.205

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1834375099 | 2024-04-24T05:23:28.897272 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1834375099 | 2024-04-24T05:23:28.897272
443 / tcp