GeneralInformation

Hostnames	skribido.saure.dev www.skribido.saure.dev static.85.25.202.116.clients.your-server.de
Domains	saure.dev your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000

-305077803 | 2024-04-24T20:38:06.681855

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGhCJ4QmVadT+4e/9LmCONuu
9fUHnx3soXy3SQJYqPZ1dO0H/a4Lo4/F+Bk+CkxQvgZCRtti4rn1C+S3XIf8aFI=
Fingerprint: 35:75:4f:84:19:63:2b:04:f3:9e:bd:e6:93:85:09:33

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-19T17:40:51.192488

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 17:40:50 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 06 Feb 2024 21:25:15 GMT
Connection: keep-alive
ETag: "65c2a3bb-264"
Accept-Ranges: bytes

-1060095501 | 2024-04-16T14:38:09.040251

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 16 Apr 2024 14:38:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:6b:35:1c:2c:d2:ff:3c:92:71:bf:61:82:4f:5e:97:cb:78
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  7 03:56:05 2024 GMT
            Not After : Jul  6 03:56:04 2024 GMT
        Subject: CN=skribido.saure.dev
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:9e:9c:89:55:c1:3b:20:61:21:c8:a8:57:e4:53:
                    a1:2f:c7:33:25:49:aa:e9:95:c0:63:62:af:78:9d:
                    b4:21:44:64:b4:ad:8b:52:f5:28:f9:de:09:03:7c:
                    e2:38:cc:da:b1:d9:aa:08:01:aa:0f:06:7f:e4:32:
                    1f:dd:38:46:3f
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                F2:58:4A:B8:07:19:D4:9A:8F:50:F5:E1:04:C7:CB:80:7C:1C:D9:89
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:skribido.saure.dev, DNS:www.skribido.saure.dev
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr  7 04:56:05.634 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:76:90:44:11:80:E3:D9:FE:75:21:
                                82:97:13:C6:58:D8:8A:24:4E:F1:CC:E2:C7:A4:7B:34:
                                A2:39:45:DA:3A:02:21:00:C2:EF:69:58:75:AD:73:A3:
                                00:70:B4:CD:3F:C4:E2:7D:8B:B7:4C:61:7F:F7:5F:AD:
                                AE:0B:3B:76:96:DE:0B:EF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr  7 04:56:05.590 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0E:49:88:35:88:54:5F:4B:D7:7F:CF:71:
                                51:3B:60:34:2E:B0:FC:CB:52:BC:24:17:3D:C4:54:2D:
                                94:FA:85:AB:02:20:37:D9:BF:D0:4E:45:20:29:42:A5:
                                79:81:FE:47:BB:6A:2B:49:B5:B7:BD:61:7A:0B:99:AE:
                                BF:DE:A5:CC:AF:C7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        05:78:f9:cb:ac:48:42:f6:85:2a:73:61:85:e1:8c:9d:cc:73:
        06:96:6d:a2:6c:f9:cc:25:5a:35:2b:d9:6c:37:9b:8d:82:d9:
        90:94:8c:9e:81:cf:ea:c5:fc:25:40:e0:58:6a:ab:26:a5:7e:
        f6:81:2f:85:9a:d7:0b:ce:af:e6:a4:cf:9b:81:e6:4a:da:2f:
        d4:25:18:1c:e2:83:65:bd:23:f3:d2:d5:51:dd:d1:ae:b6:b6:
        03:83:d3:ff:a9:05:92:9c:f5:10:a8:50:46:a8:00:83:ca:a3:
        7c:5a:c2:b6:b2:32:7b:3f:18:04:39:41:84:b6:5e:8c:03:95:
        fb:8b:82:24:09:84:52:25:ea:f1:63:b6:03:0f:35:66:3c:2a:
        fd:b5:00:d1:6e:8e:d0:2b:33:f3:40:9c:eb:fc:1c:c2:ee:e7:
        d5:ba:d6:24:89:f9:a3:88:97:3c:b4:97:e8:35:cc:cb:c6:f6:
        0c:43:37:6c:79:72:c0:09:70:2d:40:25:21:af:2f:ba:8c:bc:
        f2:f8:90:26:9a:f0:73:72:0d:00:04:30:34:e1:93:12:6d:84:
        09:dd:06:28:97:7b:00:1f:b8:78:82:21:fc:38:cb:77:6c:08:
        ee:cc:92:7d:c7:b6:07:b7:ed:c3:87:ec:6d:62:2e:b0:1b:f1:
        72:46:dc:e7

-1060095501 | 2024-04-18T01:18:13.541297

3000 / tcp

HTTP/1.1 404 Not Found
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 139
Vary: Accept-Encoding
Date: Thu, 18 Apr 2024 01:18:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5

116.202.25.85

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-305077803 | 2024-04-24T20:38:06.681855
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1651973090 | 2024-04-19T17:40:51.192488
80 / tcp

nginx1.18.0

-1060095501 | 2024-04-16T14:38:09.040251
443 / tcp

nginx1.18.0

-1060095501 | 2024-04-18T01:18:13.541297
3000 / tcp

Products

Pricing

Contact Us

116.202.25.85

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-305077803 | 2024-04-24T20:38:06.681855 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1651973090 | 2024-04-19T17:40:51.192488 80 / tcp

nginx1.18.0

-1060095501 | 2024-04-16T14:38:09.040251 443 / tcp

nginx1.18.0

-1060095501 | 2024-04-18T01:18:13.541297 3000 / tcp

Products

Pricing

Contact Us

-305077803 | 2024-04-24T20:38:06.681855
22 / tcp

1651973090 | 2024-04-19T17:40:51.192488
80 / tcp

-1060095501 | 2024-04-16T14:38:09.040251
443 / tcp

-1060095501 | 2024-04-18T01:18:13.541297
3000 / tcp