GeneralInformation

Hostnames	dinternal.webcase-dev.com www.dinternal.webcase-dev.com
Domains	webcase-dev.com
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

WebTechnologies

Security

reCAPTCHA

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

1310934737 | 2024-04-23T12:37:10.164799

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDl792kID0IPQM0RMA9OklH/0FA0b62TSr5Md2DD88lC/Hj
onF6Hl+ORid79hL5lbmjU0m8otpz/fIWHOoneIt/QHOa8C2GkUpWmGTc1bL3ZRTYqDmEsNKyCtbI
qqH1J97EJ0FGc03nyVruHUGTt8fyeaUREW6kk9CEqW5WdBNWEGm6ZWBHaVQLwB1ftI8I3Ey64hxQ
qw2QpdtnocrI2A+/r9sKSlheaLDYoHo4ers3wMGWIAPZ8SUzTZbvz9nzBvpeMzt11DiqWpU3TRG5
N3SBGyofKDuSZ0ysWH8DusKVZZeMdxj4yy9P8OZQwJlxVKUXem+GVKVRz/ps8qDOO4ymuHwMXFHm
QHTshvZZ3aA0hKFg6wFYPQaLAp+iihLmOr4rM1i7Ens353AvvLCT0FTajaK3UwTYwVWnhI2fl00r
ti3FAdABI82+8u36tuYbVvPDCndV9tKWaKzhHLobM/7xKhjZJNlcDb11Lapb/VgaYC7UfnHNOKtr
ugIy/AbN58E=
Fingerprint: 4b:f9:dc:1f:fa:3f:d5:78:aa:16:98:74:8a:db:df:29

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2120412095 | 2024-04-25T01:33:31.862903

80 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 01:33:31 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://dinternal.webcase-dev.com/

-1362894349 | 2024-04-25T01:33:35.101646

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 01:33:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 191638
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie
Content-Language: uk
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: default-city=2316; HttpOnly; Path=/; Secure
Set-Cookie: sessionid=vltrhgf33r06gkcq0wlghbery3q5mgdu; expires=Thu, 09 May 2024 01:33:34 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'unsafe-eval' *;

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:8c:5c:dd:02:2a:ee:c3:3f:3f:94:70:d1:d2:29:22:0e:c4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 14 08:59:12 2024 GMT
            Not After : Jun 12 08:59:11 2024 GMT
        Subject: CN=dinternal.webcase-dev.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b9:9b:75:31:aa:08:d9:34:3b:02:34:45:c7:e5:
                    64:42:c8:d4:f3:d2:e8:b8:46:73:e1:50:41:a1:b9:
                    94:93:cc:7e:d0:72:d5:5b:5c:df:af:26:bb:76:36:
                    f2:70:47:9e:4e:89:f1:61:09:2c:8a:9a:25:0a:46:
                    02:f6:4b:b5:66:c7:da:d6:fe:8b:45:15:19:d0:ce:
                    df:db:12:85:38:ee:2e:0f:76:c3:cf:99:49:bb:8a:
                    d9:a6:d8:0c:07:7b:fc:e4:94:c9:6e:64:7d:2b:ee:
                    03:c8:f5:f4:1c:9a:a6:9b:9c:0e:db:71:b5:b3:c4:
                    b0:65:94:6e:19:3d:f1:8c:19:76:ef:d9:1c:9a:be:
                    ae:64:d9:82:25:4d:0b:62:f1:6f:a4:b8:ec:d2:d0:
                    12:56:92:11:4b:0f:41:cf:1a:ea:50:7b:a8:50:d3:
                    04:da:e6:30:d7:ab:db:de:ac:88:4e:ce:c2:bb:db:
                    29:f1:fe:4e:d6:fc:11:c0:dc:d6:e9:49:03:da:54:
                    5c:52:52:01:42:c8:d9:58:38:4e:50:52:80:81:4d:
                    8e:53:22:70:9f:d9:a6:99:e8:9a:80:8b:25:52:b9:
                    d7:17:aa:7b:74:23:5a:7d:df:40:93:dc:a6:c7:e3:
                    3e:9a:46:12:3b:0b:4a:c0:e6:24:ce:c6:b0:3b:ce:
                    4d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:36:F0:40:7D:70:14:15:DE:D4:B1:BC:1B:6C:92:C1:1A:6C:D5:48
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:dinternal.webcase-dev.com, DNS:www.dinternal.webcase-dev.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 14 09:59:12.882 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3D:CC:7E:47:E3:F9:9D:0F:C2:0D:16:81:
                                86:7B:B3:3F:F4:31:37:51:3A:2F:67:F6:2E:52:FA:D7:
                                51:DB:FA:DF:02:21:00:FD:EC:BC:66:F3:B9:B2:64:88:
                                14:C8:75:E1:7F:B2:79:EA:E4:EF:53:E5:DF:1C:2A:00:
                                FD:63:84:34:32:8D:17
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 14 09:59:12.918 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:11:FC:08:5A:F6:89:C6:AA:D0:7E:9E:D4:
                                38:D2:A2:AD:F9:06:AA:55:CC:EB:66:3B:B3:FE:86:FA:
                                9D:7A:45:62:02:21:00:AA:A4:EF:B5:73:6C:22:AE:DC:
                                D3:5E:F5:04:2B:49:47:BA:E3:77:42:7C:9A:E3:1C:9D:
                                7A:4C:7A:2B:40:5D:A4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        64:67:87:10:d5:61:ff:f9:91:c5:fc:14:3f:c8:23:b8:89:db:
        11:95:4f:0d:4d:93:59:38:d0:c1:68:c6:01:16:d9:1f:09:ec:
        85:c2:e0:05:2b:0a:4c:e4:16:8c:09:64:e2:b3:33:ff:e6:a8:
        33:28:6c:b6:a0:36:4c:2b:d7:7a:67:22:ec:62:aa:04:e9:c9:
        ad:6e:ee:c9:f2:55:3c:35:2b:a8:59:d4:ff:ef:d3:d3:f4:b1:
        c4:43:c4:f5:61:54:f0:2d:66:51:f7:94:8e:dc:2b:e6:ba:5b:
        d6:12:23:6b:32:a7:d1:81:f0:75:0f:00:03:0f:1b:c7:33:50:
        ef:88:8f:3f:b1:af:c2:f6:8c:d1:4e:71:79:07:68:1e:9b:0d:
        bb:ce:5e:02:78:5d:69:7e:3a:6e:42:bc:f1:72:fb:15:d2:4f:
        ce:45:ac:3e:b5:16:35:41:de:e1:af:70:32:be:58:c5:57:fd:
        6c:78:7c:17:39:08:96:02:d3:e9:b9:90:07:a3:08:22:0b:91:
        40:68:65:c0:a3:ed:d8:96:2c:9e:7f:23:1f:58:90:91:0e:ba:
        4d:a7:67:01:8c:ef:36:57:56:35:d7:45:21:05:b8:75:00:65:
        ae:f1:2d:c1:13:b3:e2:01:26:81:bd:9d:8f:a2:72:c8:d7:ec:
        cb:96:ca:70

207.154.255.165

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1310934737 | 2024-04-23T12:37:10.164799
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.2

-2120412095 | 2024-04-25T01:33:31.862903
80 / tcp

nginx1.18.0

-1362894349 | 2024-04-25T01:33:35.101646
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

207.154.255.165

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1310934737 | 2024-04-23T12:37:10.164799 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.2

-2120412095 | 2024-04-25T01:33:31.862903 80 / tcp

nginx1.18.0

-1362894349 | 2024-04-25T01:33:35.101646 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1310934737 | 2024-04-23T12:37:10.164799
22 / tcp

-2120412095 | 2024-04-25T01:33:31.862903
80 / tcp

-1362894349 | 2024-04-25T01:33:35.101646
443 / tcp