GeneralInformation

Hostnames	training.legacysecuritysystems.co.ke
Domains	legacysecuritysystems.co.ke
Cloud Provider	DigitalOcean
Cloud Region	au-nsw
Country	Australia
City	Sydney
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

WebTechnologies

CMS

Odoo

Databases

PostgreSQL

Miscellaneous

Less

Programming languages

Python

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 8069

-2117939125 | 2024-05-28T14:41:27.456565

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPWlAeiFu526HLILVJBCWSWA
uFXCWu/Mla7lZSX+S6ZYv4qrtAKbiWT20zr3CfsCeyWNUE03Q3AcQ3iYIF/GDzQ=
Fingerprint: 00:1d:1e:8f:7f:99:4b:c8:42:97:d4:dd:14:1e:b7:bc

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-05-30T18:15:38.609112

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 May 2024 18:15:38 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

162023160 | 2024-05-31T04:59:24.393193

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 May 2024 04:59:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: frontend_lang=en_US; Expires=Sat, 31 May 2025 04:59:24 GMT; Path=/
Set-Cookie: session_id=a3a95f2ab65ce7cbff6514bedc7a8b6320918632; Expires=Sat, 31 May 2025 04:59:24 GMT; Max-Age=604800; HttpOnly; Path=/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:84:2a:df:ab:5b:c2:8b:4f:01:01:9a:16:c0:1d:be:da:de
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: May 14 17:31:49 2024 GMT
            Not After : Aug 12 17:31:48 2024 GMT
        Subject: CN=training.legacysecuritysystems.co.ke
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a1:3d:46:a6:18:5e:d4:26:1d:ff:24:b7:f5:5e:
                    42:24:44:40:48:3a:30:e9:db:f9:a6:56:a9:9b:b4:
                    6b:01:43:09:cd:56:56:55:af:f3:8d:42:15:b5:2b:
                    21:5d:f1:2e:4a:5d:bd:2b:d6:0a:88:ab:ea:e5:c9:
                    77:77:9c:ce:2e:14:7d:3d:9f:9f:25:d8:4b:7a:f4:
                    2a:97:1a:4b:53:c4:7a:7a:bf:f0:88:fb:cd:1c:57:
                    55:1c:42:bf:1b:66:c8:55:73:51:e6:16:01:8c:aa:
                    16:00:8f:c5:24:92:ac:b7:11:61:26:8b:82:58:42:
                    37:a4:25:ba:e0:e6:1c:7b:dd:56:f2:25:f8:1b:29:
                    2d:5c:b1:59:39:fa:1d:2c:0d:d0:55:e0:f6:f2:e7:
                    95:08:29:1b:eb:c5:4c:d7:33:26:1d:3f:21:89:e1:
                    57:ef:0e:b4:2f:ea:93:68:31:ed:24:a9:63:06:98:
                    65:a8:ba:32:1d:5c:31:dd:2f:a2:fe:80:e9:cd:c3:
                    f0:a7:2e:b5:0d:fb:06:7d:8e:b5:ea:1a:b4:8b:c5:
                    4f:44:f4:1f:fd:33:96:7f:76:eb:05:76:1d:d0:b7:
                    16:d1:6b:92:4f:81:f6:e5:c5:86:c9:ba:51:df:c1:
                    d3:b6:1e:52:b7:98:c1:42:c6:c9:a5:42:46:b5:a8:
                    5e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                AF:22:80:D8:43:8B:E6:ED:84:EF:BB:4A:8D:18:EA:1A:D9:90:82:AF
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:training.legacysecuritysystems.co.ke
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : May 14 18:31:49.871 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A0:FC:A6:8E:E2:AC:00:13:FF:92:BC:
                                0C:DB:BE:29:47:89:56:15:1E:2D:C1:FA:92:EF:FB:A8:
                                19:B1:B0:F5:01:02:21:00:A1:AB:41:90:A6:48:EF:93:
                                C4:94:D1:3D:50:34:3B:D5:61:B6:2E:DF:A8:5B:BD:B5:
                                2F:EA:4D:10:38:B9:9D:36
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : May 14 18:31:50.046 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:07:66:E7:36:62:E9:DF:0C:74:75:7B:3B:
                                39:A3:4E:4F:68:4D:AB:34:CB:C3:A4:1C:53:2E:7D:7A:
                                B1:56:82:4C:02:20:0F:D7:DA:88:B9:DB:B6:8C:99:32:
                                2F:E2:26:88:29:18:CB:77:D6:D9:51:73:30:50:49:C7:
                                02:84:43:C4:C0:19
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        76:96:0a:ac:5a:75:ab:b4:d8:48:a0:ce:b1:bb:8f:71:19:3a:
        89:03:6f:d3:60:b2:0a:21:78:27:f5:d7:08:ea:97:92:11:57:
        7e:cc:10:05:40:3f:19:6a:e1:3c:7b:9f:92:fb:82:90:52:1b:
        1d:c0:ee:a4:73:06:6f:e7:35:71:33:e0:37:f3:b3:b9:73:6c:
        fb:22:28:8a:98:f7:1f:7d:82:8c:a7:7f:90:91:c7:b8:f4:2d:
        27:a0:be:48:0b:3f:3c:62:1d:33:ec:dc:a3:97:6f:d1:76:b9:
        91:01:0c:d2:60:f6:d6:cc:cb:4b:d4:0b:66:f7:37:26:8f:01:
        17:48:54:1f:ef:0d:6c:6a:2f:f8:79:34:15:c1:58:a4:52:e8:
        95:51:8f:60:dc:89:98:3c:16:09:3d:6f:3e:e5:74:99:af:44:
        a2:ba:08:11:88:a7:92:51:14:a6:4e:cd:04:54:c6:1f:cb:1c:
        a2:90:ed:81:17:61:66:31:73:e2:eb:16:83:bf:b1:c3:12:eb:
        e5:54:54:53:9a:e9:8d:b7:78:c3:12:c3:d7:b9:53:53:11:28:
        4c:27:b9:27:38:50:94:e2:a6:25:c5:d2:38:40:a5:08:17:d0:
        7a:a6:15:41:5d:69:5b:c4:56:cd:65:9d:d8:c8:d9:38:0d:ea:
        de:81:b2:5e

-244984456 | 2024-05-30T19:15:15.284887

8069 / tcp

HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Set-Cookie: frontend_lang=en_US; Expires=Fri, 30 May 2025 19:14:42 GMT; Path=/
Set-Cookie: session_id=b3a926282ee1f2066825cafb7815ec61cc9571bc; Expires=Fri, 30 May 2025 19:14:42 GMT; Max-Age=604800; HttpOnly; Path=/
X-Content-Type-Options: nosniff
Connection: close
Server: Werkzeug/2.0.2 Python/3.10.12
Date: Thu, 30 May 2024 19:14:42 GMT

170.64.229.252

Last Seen: 2024-05-31

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2117939125 | 2024-05-28T14:41:27.456565
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.7

677579724 | 2024-05-30T18:15:38.609112
80 / tcp

nginx1.18.0

162023160 | 2024-05-31T04:59:24.393193
443 / tcp

nginx1.18.0

-244984456 | 2024-05-30T19:15:15.284887
8069 / tcp

Products

Pricing

Contact Us

170.64.229.252

Last Seen: 2024-05-31

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2117939125 | 2024-05-28T14:41:27.456565 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.7

677579724 | 2024-05-30T18:15:38.609112 80 / tcp

nginx1.18.0

162023160 | 2024-05-31T04:59:24.393193 443 / tcp

nginx1.18.0

-244984456 | 2024-05-30T19:15:15.284887 8069 / tcp

Products

Pricing

Contact Us

-2117939125 | 2024-05-28T14:41:27.456565
22 / tcp

677579724 | 2024-05-30T18:15:38.609112
80 / tcp

162023160 | 2024-05-31T04:59:24.393193
443 / tcp

-244984456 | 2024-05-30T19:15:15.284887
8069 / tcp