GeneralInformation

Hostnames	vmi1814402.contaboserver.net painelzap.itclever.com.br zap.itclever.com.br
Domains	contaboserver.net itclever.com.br
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 3000 4000 5000

677579724 | 2024-05-10T03:22:36.465747

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 03:22:36 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

-1060095501 | 2024-04-29T01:20:09.801625

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 Apr 2024 01:20:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://zap.itclever.com.br
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:fc:45:5e:32:b7:eb:75:32:cd:d8:66:67:2d:90:ce:6e:41
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 18 17:20:34 2024 GMT
            Not After : Jul 17 17:20:33 2024 GMT
        Subject: CN=painelzap.itclever.com.br
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:f4:73:e3:bf:a8:aa:ba:5a:8f:a4:6c:79:02:ff:
                    97:c3:09:73:56:c9:42:fd:2f:3a:07:e6:09:a1:5c:
                    44:fb:63:23:37:86:00:e3:e2:fe:83:53:18:e3:66:
                    d6:75:b0:23:a5:a2:95:12:f8:38:f8:8f:9e:f6:f9:
                    78:32:db:ca:84
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                A9:80:05:C5:6B:28:A0:73:91:44:36:0E:A5:1C:3E:3E:1E:8E:B7:31
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:painelzap.itclever.com.br, DNS:zap.itclever.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 18 18:20:34.655 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A4:25:50:2E:FD:69:90:D0:03:34:DF:
                                28:03:82:1D:E4:7F:2B:31:3E:2C:05:82:15:38:05:4F:
                                88:EC:BF:9F:BA:02:20:41:9F:68:AE:09:8F:23:34:AC:
                                91:5A:BC:ED:C7:2F:DF:12:C0:1F:42:6A:FE:D9:65:AE:
                                E1:88:A8:3E:AC:71:55
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr 18 18:20:34.701 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2C:F8:8D:B1:B4:B8:7B:67:9D:D7:60:B8:
                                E2:18:FE:4B:14:BA:5D:45:8F:80:A1:98:A9:D8:F8:06:
                                D6:F8:DE:A3:02:20:23:0B:7E:CF:41:70:5B:61:17:DA:
                                0A:EC:E3:BA:19:CF:80:6B:B5:6C:59:B9:AB:29:E7:5A:
                                EB:36:BB:07:50:87
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        87:a4:d4:a6:e0:c6:cb:83:6d:66:a8:80:17:7e:2a:50:95:cf:
        6b:92:82:39:8d:34:15:01:2b:bd:89:c2:84:a1:1c:6b:81:c3:
        4b:23:64:bf:82:50:92:52:98:67:54:02:23:e4:62:e6:ee:53:
        6f:3d:c0:c8:db:ba:a7:ed:5e:dd:06:0a:38:9a:a9:46:95:10:
        07:cc:8f:f8:77:8a:8e:b1:e0:71:49:0d:66:9a:73:13:a1:61:
        0e:18:07:84:22:cc:31:16:f6:9d:39:d7:52:e4:f0:18:95:5d:
        2f:0b:6e:5f:89:6c:27:0f:40:8c:37:70:6f:12:3c:2b:65:1b:
        7d:41:9e:d5:0c:14:e2:1f:35:d6:52:74:3b:cb:f3:e8:f3:70:
        9b:0c:1e:40:c5:e8:d9:e3:87:80:c1:36:13:f6:d6:63:39:4b:
        05:4b:c7:23:06:a5:60:08:69:1d:1a:6e:9b:c7:ef:15:f1:2e:
        f6:4e:10:90:82:3f:b5:c4:91:e8:0a:cf:3d:3e:28:74:d4:5d:
        27:ef:c4:21:0d:b6:8e:ae:9f:ea:81:f9:29:21:49:78:ae:a0:
        00:b9:da:99:0b:2f:b3:ea:7a:4d:ec:a9:dc:0b:2c:b3:aa:ee:
        2a:cf:51:3d:d7:14:43:f2:38:01:ca:c3:cb:70:fd:99:60:90:
        7a:92:7b:cc

1868937467 | 2024-05-05T06:26:30.926132

3000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 18 Apr 2024 18:20:02 GMT
ETag: W/"c63-18ef26fe2c0"
Content-Type: text/html; charset=UTF-8
Content-Length: 3171
Date: Sun, 05 May 2024 06:26:30 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-1246004407 | 2024-05-12T04:48:36.499050

4000 / tcp

HTTP/1.1 400 Bad Request
Connection: close

185.255.131.139

Last Seen: 2024-05-12

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-05-10T03:22:36.465747
80 / tcp

nginx1.18.0

-1060095501 | 2024-04-29T01:20:09.801625
443 / tcp

nginx1.18.0

1868937467 | 2024-05-05T06:26:30.926132
3000 / tcp

-1246004407 | 2024-05-12T04:48:36.499050
4000 / tcp

Products

Pricing

Contact Us

185.255.131.139

Last Seen: 2024-05-12

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-05-10T03:22:36.465747 80 / tcp

nginx1.18.0

-1060095501 | 2024-04-29T01:20:09.801625 443 / tcp

nginx1.18.0

1868937467 | 2024-05-05T06:26:30.926132 3000 / tcp

-1246004407 | 2024-05-12T04:48:36.499050 4000 / tcp

Products

Pricing

Contact Us

677579724 | 2024-05-10T03:22:36.465747
80 / tcp

-1060095501 | 2024-04-29T01:20:09.801625
443 / tcp

1868937467 | 2024-05-05T06:26:30.926132
3000 / tcp

-1246004407 | 2024-05-12T04:48:36.499050
4000 / tcp