GeneralInformation

Hostnames	lea.lgbt autoconfig.lea.lgbt autodiscover.lea.lgbt mail.lea.lgbt talentbook.lea.lgbt smtp.mobilize.hamburg
Domains	lea.lgbt mobilize.hamburg
Country	Germany
City	Berlin
Organization	Strato Rechenzentrum, Berlin
ISP	Strato AG
ASN	AS6724
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 2222 5000

589765266 | 2024-04-19T07:07:33.626947

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 07:07:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://85.214.96.186/

780672404 | 2024-04-23T22:07:32.507490

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 23 Apr 2024 22:07:32 GMT
Content-Type: text/html
Content-Length: 568
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:71:0a:77:7b:87:6c:4c:28:c5:e7:1f:22:58:8b:0c:1a:5f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 27 20:41:24 2024 GMT
            Not After : May 27 20:41:23 2024 GMT
        Subject: CN=lea.lgbt
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8e:be:6f:ad:e3:05:72:53:3b:75:b3:dc:9d:61:
                    7e:0a:31:4e:1f:88:d8:92:a2:22:09:59:fb:aa:21:
                    48:2b:3f:20:e3:56:6d:b7:15:5f:eb:8e:19:dc:7c:
                    2b:1b:ee:2d:9f:09:54:e9:6b:a2:9c:fb:e0:34:b2:
                    bd:7a:2a:c6:97:22:7c:ad:d6:35:9d:84:27:b2:17:
                    d8:4c:1a:4a:6f:36:2f:76:6b:a3:ee:89:a8:0a:14:
                    96:18:8c:5f:89:c7:17:17:d2:8c:e9:6e:04:02:5e:
                    72:e0:6b:be:7f:39:33:98:ed:36:36:d0:e0:5d:3d:
                    b8:c0:dd:fa:b5:a5:c1:a9:9b:9c:73:86:f9:cb:be:
                    ae:4f:99:ad:b8:8d:1d:48:c9:2d:f0:2d:77:96:43:
                    7e:87:1e:13:ad:25:dd:ab:1f:b0:b7:d8:e4:b8:62:
                    55:ee:b3:66:89:c3:79:ae:dd:db:e5:ce:ed:cc:8c:
                    0f:56:ca:65:ea:dd:bf:19:d3:9e:04:63:33:3a:06:
                    a8:ae:d7:0f:4f:8c:11:15:5a:2d:d7:00:93:14:35:
                    21:e8:48:96:ec:71:43:c4:5e:71:e4:68:2c:72:e9:
                    96:66:75:36:3f:89:1c:ad:97:8b:72:c7:6f:b1:be:
                    51:09:f5:1e:30:64:26:9d:4c:ab:1e:0b:6a:1a:c6:
                    a3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                CC:A3:3C:5E:AD:C8:66:76:89:FF:1B:CF:2C:24:38:F4:AD:0B:8B:1C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:autoconfig.lea.lgbt, DNS:autodiscover.lea.lgbt, DNS:lea.lgbt, DNS:mail.lea.lgbt, DNS:talentbook.lea.lgbt
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 27 21:41:24.534 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C9:C3:E2:68:8D:1D:E5:26:61:6C:79:
                                DE:74:CA:FD:03:C2:78:3C:DA:BA:46:D1:AC:AC:D0:1A:
                                2E:05:FD:A4:E6:02:20:48:38:2B:BC:66:98:8F:4F:4D:
                                72:FB:DB:FB:7C:AD:F1:B7:5D:30:3A:25:14:26:97:FE:
                                A3:65:CF:50:B6:52:DA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 27 21:41:24.514 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9A:7A:3E:EE:73:B2:34:7E:BD:A0:85:
                                9F:CC:73:65:94:53:66:57:34:7C:F1:AC:F2:1A:C2:56:
                                0F:98:57:FE:6A:02:20:38:AD:FE:7C:00:25:2A:AF:D0:
                                39:9A:54:4A:38:4D:E4:DD:BD:40:97:40:B7:4F:9B:E1:
                                9B:1C:65:34:D0:55:B2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7f:1d:29:aa:c0:a8:9f:a0:c8:bb:1e:8a:fb:a6:4c:80:cc:db:
        4e:45:d7:53:8d:6e:ef:2a:ef:1a:63:9f:b7:5e:54:9e:61:4e:
        6a:18:14:f8:a0:56:5b:20:8a:e8:24:da:19:4b:32:38:92:97:
        a0:08:4e:a6:05:93:e0:88:f5:bc:72:9f:c6:e2:b6:4c:f9:5d:
        80:03:77:84:03:50:25:4a:16:93:39:c9:3b:e1:4b:9b:4e:c9:
        18:8f:dd:b9:23:68:1b:c3:05:cb:5b:07:53:c9:46:f6:67:e9:
        19:7f:04:7d:f2:21:2d:74:4f:38:91:9b:33:5c:19:5e:2b:cc:
        32:ec:b6:e4:4c:63:2c:27:b8:97:43:25:3d:18:ef:a0:a8:f1:
        dc:32:9f:3f:c8:f6:ee:33:af:0d:99:bc:50:29:11:ed:26:8d:
        a1:df:8e:b3:75:2f:d2:d9:ea:be:59:cb:a9:ba:5d:c9:85:0d:
        39:d3:9e:4c:ef:29:d4:c2:52:10:d3:2e:6e:07:b2:19:3b:ac:
        c1:c6:3e:ca:40:3c:7e:7d:67:fe:fa:d8:d6:73:fd:1b:6d:a0:
        46:b6:01:4d:fb:c9:f4:7f:cd:97:5b:9b:60:2a:23:37:5d:f2:
        17:e8:c0:a7:19:c9:25:86:c7:b2:ab:47:ff:38:ea:c7:8a:a5:
        c9:7a:13:4b

442048284 | 2024-04-23T21:07:15.786002

2222 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJcOWAHuiC41v8tFUsvCM1m0
2GrODiJ654I1Q60ovLJH/pbcL7zI1QroTKdCavzTd+S6UcDDfnwpoi4tECcluYA=
Fingerprint: 8e:04:ac:a7:6e:63:14:e3:32:55:c2:9d:3a:3a:28:d9

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-5354232 | 2024-03-31T03:00:10.910954

5000 / tcp

HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
content-length: 2097
content-security-policy: upgrade-insecure-requests;frame-ancestors 'none';frame-src 'none';font-src 'self' ;media-src 'self' ;img-src 'self' data: blob: *.tile.openstreetmap.org search.joinmobilizon.org;connect-src 'self' * blob: https://mobilize.hamburg wss://mobilize.hamburg ;style-src 'self' ;script-src 'self' 'unsafe-eval' 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI=' 'sha256-zJdRXhLWm9NGI6BFr+sNmHBBrjAdJdFr7MpUq0EwK58=' ;default-src 'none';base-uri 'self';manifest-src 'self';
content-type: text/html; charset=utf-8
date: Sun, 31 Mar 2024 03:00:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F8G6Jy8AEPdaF0MAABkk
x-xss-protection: 0

85.214.96.186

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

589765266 | 2024-04-19T07:07:33.626947
80 / tcp

nginx1.18.0

780672404 | 2024-04-23T22:07:32.507490
443 / tcp

nginx1.18.0

442048284 | 2024-04-23T21:07:15.786002
2222 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-5354232 | 2024-03-31T03:00:10.910954
5000 / tcp

Products

Pricing

Contact Us

85.214.96.186

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

589765266 | 2024-04-19T07:07:33.626947 80 / tcp

nginx1.18.0

780672404 | 2024-04-23T22:07:32.507490 443 / tcp

nginx1.18.0

442048284 | 2024-04-23T21:07:15.786002 2222 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-5354232 | 2024-03-31T03:00:10.910954 5000 / tcp

Products

Pricing

Contact Us

589765266 | 2024-04-19T07:07:33.626947
80 / tcp

780672404 | 2024-04-23T22:07:32.507490
443 / tcp

442048284 | 2024-04-23T21:07:15.786002
2222 / tcp

-5354232 | 2024-03-31T03:00:10.910954
5000 / tcp