GeneralInformation

Hostnames	23-95-130-121-host.colocrossing.com gitea.zikfo.com
Domains	colocrossing.com zikfo.com
Country	United States
City	Buffalo
Organization	RackNerd LLC
ISP	HostPapa
ASN	AS36352

WebTechnologies

Development

Gitea

Programming languages

SecurityContact

Contact	https://github.com/go-gitea/gitea/blob/main/SECURITY.md
Policy	https://github.com/go-gitea/gitea/blob/main/SECURITY.md
Preferred-Languages	en

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000

274029660 | 2024-04-20T19:28:30.361441

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDS9Ir4xiXlC+OWfQ79VKH3y4TSdomLIxPldcnZcWqVBEaK
F6yT6qyE1dFIA/SMJOtrThEeatHuOhmQSAbgYx2UyzV+Lpo71J7oQInBSb3hQQciSUZpRmhBl9KT
lTJvaEYxxKL5BLq71xkEnosiXlRJIYNju3bp4gqQHaKffZu7DYNgXi33HgtBmN/Sww3by9vKpZ08
q26B9y5AY9HIpT0mMawQdtuZqma3Q3Ayv2fdLKFIoga0eoZXD/EXHjf5xZL8Ed6/Ea4VpjjkCadV
JGrO1NDcSvEoCLSmDYv0kUUcMaQDPQbMBg1L03u8x5oXvoy09Ut2MaiycbyrCJuIyNB2qmywzEfZ
J9XCoZ4BoVyF3Qc/S6yDnblklH/sZpq4VPAu5gC+b3m2m7P0ozKRjFKp5GQA9ZtER4BXOMfm5S93
VGP7gdcadMHaB44GKbUrRthDuX9qmeNTKlE5J8PR0QmUVVXSiROhuhZIsHxM6uBRa3qDvHZb3HM8
vAh3rrU2DNU=
Fingerprint: 82:51:1d:91:65:32:b4:3c:73:71:4e:32:aa:b2:f0:35

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-18T02:04:54.454711

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 02:04:54 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Mon, 26 Jun 2023 02:43:39 GMT
Connection: keep-alive
ETag: "6498fb5b-264"
Accept-Ranges: bytes

-31120905 | 2024-04-18T03:13:36.542328

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 03:13:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, private, must-revalidate, no-transform
Set-Cookie: i_like_gitea=3fbb99d78c51c12b; Path=/; HttpOnly; Secure; SameSite=Lax
Set-Cookie: _csrf=6RKqLJXhT7f2idQzKePyek3-ZHM6MTcxMzQxMDAxNjUwMTA5NzEyNA; Path=/; Max-Age=86400; HttpOnly; Secure; SameSite=Lax
X-Frame-Options: SAMEORIGIN

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:85:ce:5a:26:8c:9e:98:69:fd:46:dc:e5:e9:45:29:1e:5e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 27 19:53:49 2024 GMT
            Not After : Jun 25 19:53:48 2024 GMT
        Subject: CN=gitea.zikfo.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b3:ae:39:90:b8:9c:c6:ff:c6:da:3d:cf:5d:2a:
                    6a:62:45:7d:51:9e:59:67:ff:af:f6:06:c1:1b:2d:
                    75:94:35:4c:fe:43:59:85:62:35:56:75:60:b6:6d:
                    8a:10:50:00:22:ea:9f:7a:98:47:4b:cf:66:e2:f6:
                    87:61:db:bb:f3:e2:d1:f8:3c:53:35:23:36:41:0a:
                    7d:e4:3d:4a:62:9a:5a:0a:d1:5f:50:cd:27:dc:2f:
                    ae:b3:12:9d:da:1b:83:1a:dd:d5:8e:bd:63:89:44:
                    59:a1:a3:14:c5:1c:08:93:0e:5d:fb:45:2a:19:b9:
                    ce:ff:55:f7:f2:29:19:c9:af:f0:95:d7:ea:ef:4c:
                    fe:ce:8e:aa:1d:3f:65:d9:15:a8:a1:e5:7d:65:53:
                    30:e4:d3:53:a8:85:23:e6:f6:41:6e:f3:7c:d0:4f:
                    a2:5c:32:53:ba:b2:53:4e:47:1f:13:19:e1:b1:5b:
                    ed:76:1e:e3:01:f6:4c:8b:ab:8d:b6:53:71:82:15:
                    ae:87:4c:bd:0f:2e:58:66:8b:c9:66:28:5f:f8:89:
                    b7:c9:89:6f:76:9a:a3:0e:11:2d:b5:a2:cd:b0:4f:
                    ee:b2:5a:14:78:d2:92:4a:99:e6:72:da:fd:e5:6f:
                    8d:59:05:cf:57:30:a6:b9:ae:4f:43:bf:1d:f2:9b:
                    aa:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                A2:A8:02:58:0D:38:D0:1E:B4:EB:90:7F:E6:D6:F1:3A:7F:20:26:F6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:gitea.zikfo.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Mar 27 20:53:49.880 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7F:40:9C:BA:99:15:DA:36:22:2B:63:57:
                                D4:47:A3:A6:9C:87:70:92:A9:4A:A2:A3:3B:4D:CE:9F:
                                CB:FD:DC:49:02:20:7B:32:FF:AD:81:2C:BB:5C:42:7E:
                                8F:53:EF:74:2B:25:C3:F6:0D:51:C7:3C:1F:3A:60:90:
                                54:7A:DD:2B:56:CF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 27 20:53:49.870 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:84:FF:D4:6C:7F:B2:E6:37:C3:1E:ED:
                                7B:F8:1A:DF:61:B5:4B:0B:04:84:32:63:4E:24:B0:8D:
                                91:4C:43:BE:2E:02:20:4D:31:EE:F4:91:AE:FA:1A:B5:
                                0F:16:CF:BA:A5:F4:58:7A:03:36:C9:DB:0A:59:CE:1A:
                                1F:2A:9E:F2:5A:97:B3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a9:0d:46:e4:3e:76:58:5a:1b:39:5e:b3:7a:d8:ee:c9:39:eb:
        37:81:3b:8a:ea:b9:b4:fe:07:30:9c:38:ae:a5:2f:73:9e:7b:
        97:0f:ac:d9:11:8c:6a:50:3b:06:ca:a4:7b:94:3d:61:d9:b2:
        3a:53:3a:f4:fb:69:5a:7a:96:a6:52:d6:82:46:30:fb:44:a9:
        ff:dd:13:1c:25:b8:60:fd:8e:1d:26:71:65:29:a2:a8:ce:9a:
        21:18:1d:80:3e:9a:7c:f2:1e:14:eb:d7:74:0e:ed:2a:82:7a:
        54:84:d9:9c:3a:44:eb:6b:d2:bd:8d:55:bb:aa:2a:8f:03:c2:
        ff:ea:42:79:58:cf:56:fd:8e:c0:34:4d:70:0e:3f:27:26:a9:
        e1:43:34:a1:cc:65:2d:e3:9e:3d:0f:48:82:36:2d:58:b9:dd:
        d6:16:5f:5b:43:a2:87:26:96:50:53:1e:a1:8d:18:dd:30:75:
        c7:c9:5b:dc:15:13:3e:52:2b:57:a4:d6:5a:a3:70:5d:23:5f:
        35:88:b0:c9:dd:83:91:0e:fd:df:c8:4d:d5:63:34:19:86:2b:
        62:69:fa:4e:a3:d2:9e:9c:2b:af:0b:e7:83:0f:48:da:7d:5f:
        73:d2:36:eb:d2:f4:d5:a7:dc:ca:f3:09:3b:cc:34:de:55:32:
        55:d3:4f:14

1215112544 | 2024-04-25T05:29:57.336571

3000 / tcp

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate, no-transform
Content-Type: text/html; charset=utf-8
Set-Cookie: i_like_gitea=88381395252876bf; Path=/; HttpOnly; Secure; SameSite=Lax
Set-Cookie: _csrf=cyesQvq_RuMfE4J9__9qYXHyn7o6MTcxNDAyMjk5NzAzNTMyOTgyNw; Path=/; Max-Age=86400; HttpOnly; Secure; SameSite=Lax
X-Frame-Options: SAMEORIGIN
Date: Thu, 25 Apr 2024 05:29:57 GMT
Transfer-Encoding: chunked

23.95.130.121

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

SecurityContact

Vulnerabilities

OpenPorts

274029660 | 2024-04-20T19:28:30.361441
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-18T02:04:54.454711
80 / tcp

nginx1.18.0

-31120905 | 2024-04-18T03:13:36.542328
443 / tcp

nginx1.18.0

1215112544 | 2024-04-25T05:29:57.336571
3000 / tcp

Products

Pricing

Contact Us

23.95.130.121

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

SecurityContact

Vulnerabilities

OpenPorts

274029660 | 2024-04-20T19:28:30.361441 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-18T02:04:54.454711 80 / tcp

nginx1.18.0

-31120905 | 2024-04-18T03:13:36.542328 443 / tcp

nginx1.18.0

1215112544 | 2024-04-25T05:29:57.336571 3000 / tcp

Products

Pricing

Contact Us

274029660 | 2024-04-20T19:28:30.361441
22 / tcp

1651973090 | 2024-04-18T02:04:54.454711
80 / tcp

-31120905 | 2024-04-18T03:13:36.542328
443 / tcp

1215112544 | 2024-04-25T05:29:57.336571
3000 / tcp