GeneralInformation

Hostnames	it-secure.xyz www.it-secure.xyz
Domains	it-secure.xyz
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3389

-1267451741 | 2024-05-14T21:32:34.602609

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCfpzlMweIlygSqxn7jWbw6S9yZ+zXj3zASJqYAkkda/el5
CxzYCaY1PVwDF1BDBNcG4bmYud8o1hdSvoDu8eWMGTMO5Hg3/pihOW7YrQxpVDLZsVp2/OHQ5cVQ
ZE9OAdGpYgsbkgtisTgP0RMZJ82Y7lWm8bQ4CDaEsOhpowORr8eY8djnFQMRsSHvU07M9xAtvSBX
uwqa0DvQvN7yWXlYS6oxA9zUPwR37+3CavpMSHARfbNSTwRPbLfBIk5Xf3m13awGHKNtOFTkrgJz
L5WXV7XVRN2nurTCjQ9ff0FyUbMjepFfFm18z1Ph4o75N465gsUiGe/Eq16uFUJdIb3SIP9U1bck
9USZVS8MRyMveCIjgEKhPCqW0qRvkdnX0yFE2WdMzez+UHPxrzrXqeKGIjR1D3Ahq/huytMlYWL/
eTZt7VFUfrH3c9aCYzjCrusBuVd2fxco4aCIDbVn97zgft4uotkS1uo7HCA2c9+zXREZGwXbXMW2
7mOUPB4hcW8=
Fingerprint: 0d:10:19:86:d2:a1:7d:7b:da:57:95:a8:9a:4f:3d:46

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-05-17T06:20:52.056411

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 17 May 2024 06:20:51 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Thu, 24 Feb 2022 18:06:45 GMT
Connection: keep-alive
ETag: "6217c935-264"
Accept-Ranges: bytes

731197476 | 2024-05-17T06:11:13.235106

443 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Date: Fri, 17 May 2024 06:11:13 GMT
Content-Length: 19

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b9:72:8e:63:61:2e:fe:bc:20:c8:f4:6e:07:07:91:5f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Mar 19 23:59:59 2025 GMT
        Subject: CN=it-secure.xyz
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:0a:95:3b:e7:2f:21:6b:bf:46:41:2b:09:d9:
                    c2:bd:7b:d5:7b:e0:8c:fa:7d:76:f2:af:b9:1b:3e:
                    ca:ea:1d:bf:63:f2:69:76:2e:0b:7b:fe:61:b9:b3:
                    2a:4f:d2:1c:7f:0b:5c:4c:e9:00:9a:ef:1b:06:f7:
                    de:ed:65:97:5c:57:1f:b4:42:c4:66:a0:33:81:a7:
                    8e:7a:1a:eb:39:97:c9:63:b6:a1:55:66:69:e3:01:
                    48:ee:0d:cf:43:ff:03:88:f2:7a:91:7a:91:4c:79:
                    fc:56:ef:8a:60:45:79:b6:8f:b3:66:b2:05:07:f7:
                    a4:ea:a9:8f:0f:e5:b0:ae:ba:b3:59:67:96:4b:8b:
                    8a:fd:01:88:e8:14:7e:16:0a:43:de:4e:14:ef:ca:
                    e5:13:0e:2d:ba:7e:04:8d:bd:fb:89:53:c8:eb:7b:
                    2c:2b:be:3a:ed:7e:8f:88:1c:6b:42:ba:b2:99:c4:
                    65:93:31:05:16:44:99:22:06:c6:eb:ca:59:a5:85:
                    2b:8b:06:f6:43:5a:74:89:28:b5:0b:4a:c4:c9:83:
                    e0:54:0c:8e:d4:76:a7:bf:6f:30:f9:7c:6c:f4:ba:
                    be:a1:84:69:64:24:e5:2c:ec:6c:7a:9b:af:36:73:
                    d8:ee:59:d5:60:3a:29:da:50:ea:77:12:9d:6d:87:
                    af:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                78:FE:33:EF:85:9B:0A:2A:87:62:EA:02:96:A9:84:09:70:A0:0C:5D
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:it-secure.xyz, DNS:www.it-secure.xyz
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Mar 19 17:54:59.583 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C7:49:CD:9B:4D:B1:F2:0B:01:ED:56:
                                09:3A:50:9F:03:89:70:DF:D0:E2:E3:0C:80:91:11:C3:
                                57:AD:C7:EC:5A:02:20:6C:12:43:17:02:89:4C:4A:8C:
                                7C:E7:1D:90:C2:D7:F7:8C:D0:C1:05:35:6C:85:3C:76:
                                4B:EE:1F:B5:DA:12:62
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 19 17:54:59.496 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7E:2A:5D:42:C8:CC:64:2B:D8:14:5A:BE:
                                13:3C:3A:C8:35:A8:AB:79:BB:4B:96:D8:FC:D8:AB:68:
                                74:A9:98:F1:02:21:00:DF:2A:6D:27:72:DB:B1:71:17:
                                AD:5B:E4:95:CD:7E:C4:9C:C5:46:C7:EF:EF:90:84:F0:
                                3C:03:92:0C:11:75:09
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Mar 19 17:54:59.466 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2E:1B:73:49:11:7B:97:4E:7A:5E:25:98:
                                5D:85:CF:97:6E:54:78:34:4D:AA:A9:75:A0:7A:EC:97:
                                85:B1:E8:BE:02:20:5D:51:44:3F:70:3C:7D:BC:21:94:
                                61:14:2C:C3:7D:03:91:5E:C5:8F:28:CE:4C:70:91:F8:
                                CF:53:1E:C7:BE:92
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        57:21:8f:5f:b6:61:97:14:33:24:15:ba:b6:8b:3c:49:bc:75:
        0e:f6:98:f8:e2:fc:0a:8f:c4:52:fc:14:2e:05:dc:da:20:c7:
        68:30:25:bd:d5:d0:3c:e8:21:40:ad:6d:75:a2:ab:9f:36:68:
        5c:c4:55:a0:d7:3a:17:95:19:77:0f:e2:37:ce:4e:95:b2:b6:
        be:7b:8e:9a:91:6e:14:1f:8b:9e:cf:76:a6:c1:53:2d:16:d7:
        84:14:e4:c6:a2:0b:27:c8:78:25:e0:c5:69:8c:68:e3:a6:fd:
        1f:14:6c:3f:e2:d5:47:ec:7b:c8:9e:0c:ba:55:bd:dd:c1:68:
        43:8c:a6:2f:f0:4e:97:6a:65:73:cb:4e:ce:38:7a:0d:c0:a0:
        fb:e2:25:ce:16:60:32:7d:82:0b:7c:0e:fd:7b:2f:28:e7:20:
        5c:71:64:fe:84:78:5c:e9:fe:d0:fe:b3:63:48:15:28:68:fc:
        fe:f7:c2:65:1c:cf:64:79:fd:bb:a9:a5:38:45:d2:8e:13:6c:
        f2:a5:3e:bd:74:09:2f:7d:fa:66:97:d4:24:68:32:3a:48:f3:
        38:2b:a1:5a:e3:07:b4:d9:e4:c3:64:99:22:2c:7b:d6:04:da:
        28:57:72:97:56:cd:4b:0c:0c:db:b7:e2:eb:02:71:43:77:b6:
        df:d4:97:1d

-625424803 | 2024-05-04T18:46:37.259800

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x01\x08\x00\x00\x00\x00\x00

138.197.189.229

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1267451741 | 2024-05-14T21:32:34.602609
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-17T06:20:52.056411
80 / tcp

nginx1.18.0

731197476 | 2024-05-17T06:11:13.235106
443 / tcp

-625424803 | 2024-05-04T18:46:37.259800
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

138.197.189.229

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1267451741 | 2024-05-14T21:32:34.602609 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-17T06:20:52.056411 80 / tcp

nginx1.18.0

731197476 | 2024-05-17T06:11:13.235106 443 / tcp

-625424803 | 2024-05-04T18:46:37.259800 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

-1267451741 | 2024-05-14T21:32:34.602609
22 / tcp

1651973090 | 2024-05-17T06:20:52.056411
80 / tcp

731197476 | 2024-05-17T06:11:13.235106
443 / tcp

-625424803 | 2024-05-04T18:46:37.259800
3389 / tcp