GeneralInformation

Hostnames	administrativo.ts.nom.pe www.administrativo.ts.nom.pe
Domains	ts.nom.pe
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

JavaScript libraries

jQuery1.11.1

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443 50000

997590348 | 2024-05-01T01:54:13.534190

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 01 May 2024 01:54:13 GMT
Content-Type: text/html
Content-Length: 16
Last-Modified: Thu, 01 Jun 2023 22:28:53 GMT
Connection: keep-alive
ETag: "64791ba5-10"
Accept-Ranges: bytes

-182869312 | 2024-05-07T20:19:47.742925

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 May 2024 20:19:47 GMT
Content-Type: text/html
Content-Length: 1017
Last-Modified: Thu, 25 Apr 2024 17:16:21 GMT
Connection: keep-alive
ETag: "662a8fe5-3f9"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ea:e2:b8:16:43:7d:58:28:13:4a:29:d9:82:2a:be:7b:37
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  9 08:47:40 2024 GMT
            Not After : Jul  8 08:47:39 2024 GMT
        Subject: CN=administrativo.ts.nom.pe
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:85:9a:cf:f9:5d:27:52:fa:e4:e3:f6:7e:76:23:
                    6c:26:ce:53:88:15:eb:c6:67:94:c5:7f:f8:a9:79:
                    c1:51:e4:2b:3b:fb:24:1b:b8:2b:ef:8e:45:f9:e5:
                    62:c1:aa:60:95:bf:11:10:e9:f9:e1:b1:ea:21:fe:
                    3a:28:2b:d6:19
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                36:C7:A1:CA:05:C3:60:DD:C5:BF:07:5F:C1:28:36:01:2D:6E:98:3B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:administrativo.ts.nom.pe, DNS:www.administrativo.ts.nom.pe
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr  9 09:47:40.241 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:29:3C:05:3F:4C:F2:D6:34:4E:75:4C:51:
                                D9:91:E4:1B:77:EF:3B:FD:14:B3:74:A0:27:33:B2:0F:
                                B3:90:B3:07:02:21:00:D6:57:26:2B:0B:E4:45:34:8D:
                                C7:D4:50:C7:34:33:AF:51:95:93:13:AE:ED:B6:DA:BC:
                                69:F1:B7:C6:E0:0B:AA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr  9 09:47:40.436 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BD:99:5F:50:C3:34:24:18:4D:24:C2:
                                27:99:81:99:4E:7A:BA:ED:EB:FB:2E:2B:C3:41:1C:54:
                                23:10:C5:E4:4B:02:21:00:A9:13:AA:D7:FD:AA:93:57:
                                AF:D3:12:F6:AC:27:E0:C4:D9:E4:23:9C:56:FF:79:05:
                                A0:59:F6:4C:05:7D:B1:5B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        68:d0:06:3f:21:86:61:54:3f:47:ac:c4:4c:87:3a:5e:8b:1f:
        c0:c9:91:54:ec:12:41:82:43:8c:db:48:3c:ea:9c:eb:eb:64:
        80:d6:e0:c2:19:88:a6:b4:97:4f:9a:49:57:9b:d8:e4:af:6e:
        3b:83:4b:ef:45:01:ed:8e:37:34:e3:05:e9:68:df:5b:6a:cb:
        03:e1:5f:4f:25:40:03:c3:da:f9:f2:e5:57:26:22:d8:ff:87:
        bc:d1:43:a7:ba:11:82:69:52:f8:4d:3a:f3:68:ad:9a:47:69:
        bf:5b:e8:02:f8:84:52:41:3e:bb:7c:9d:d2:28:25:2f:65:1b:
        02:20:00:1d:30:1d:b2:42:85:ea:50:fe:d5:b1:ec:df:ef:ce:
        5c:bc:21:9a:91:cc:1f:8c:f5:6d:a1:57:2d:3a:b1:ea:9a:5b:
        54:9e:f9:ba:9e:5f:c1:0b:2a:4f:9d:b4:e8:1e:ec:4d:98:fe:
        82:17:62:07:3c:86:8b:03:4a:51:58:4e:52:47:d9:ee:85:63:
        bb:0b:86:6a:41:0c:46:a9:c9:fa:0f:4b:34:eb:e7:34:81:e0:
        bd:3c:95:d1:40:f0:f7:1a:2d:f9:c8:fd:b0:bb:59:23:cd:59:
        9c:40:66:07:75:e8:01:e7:03:b8:5b:75:2e:78:ca:e7:3f:9f:
        90:c8:7d:4a

545412699 | 2024-04-16T19:48:17.759790

50000 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDVd3eLKxLEoDFKHnyeB0qrUqI6BABLtm6HYV5AwW5Z+fK9
XQ4alyKTagHV9fv/gKIcNsNEIdeXL4OQbVcIB/Y///Ml7AEu/dFMmGWYJohGCIDdaEdkOqK8U2Co
wlqJl3yQCbSlYSX08dGMPEUZB/U1sXBRBdPoC4dPN4ha3vq9V9kQhUGGm5fSWTd6sSnH34cnzwad
2VXOL4KMjMCbjwU3Q+2LpDo+eXhWAZ1AkHd/mBc4LGZiteze4rGv5eRbdEiF4fDMSlbBzveS1wLI
JeJHlX7y03L7N8VRzGZl+pX+xrz2GVzvIGTJDiu403J8C1b3cjfCCkUnM0t21OtJKqLq29zFM7Hj
527p0siaNj9Ibw5+QwVClQQOCr9Aw9UjpiqKrA6vR+z4nzqm8AubCwE1MHsIuvcPRTu3x2RyfyF0
tIuRDo+TAHlyVDaQkab92vNgZtybtFO70nf17a4qmDErpxMpC7q9P2S29SVxDgjkW+hbXxBM+W1D
O4uCNIYRv5k=
Fingerprint: cd:ab:cb:0c:4c:68:2e:c6:9d:74:03:f0:54:c9:58:d2

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

157.230.79.37

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

997590348 | 2024-05-01T01:54:13.534190
80 / tcp

nginx1.18.0

-182869312 | 2024-05-07T20:19:47.742925
443 / tcp

nginx1.18.0

545412699 | 2024-04-16T19:48:17.759790
50000 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

Products

Pricing

Contact Us

157.230.79.37

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

997590348 | 2024-05-01T01:54:13.534190 80 / tcp

nginx1.18.0

-182869312 | 2024-05-07T20:19:47.742925 443 / tcp

nginx1.18.0

545412699 | 2024-04-16T19:48:17.759790 50000 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

Products

Pricing

Contact Us

997590348 | 2024-05-01T01:54:13.534190
80 / tcp

-182869312 | 2024-05-07T20:19:47.742925
443 / tcp

545412699 | 2024-04-16T19:48:17.759790
50000 / tcp