GeneralInformation

Hostnames	hwsrv-1210806.hostwindsdns.com
Domains	hostwindsdns.com
Country	Netherlands
City	Amsterdam
Organization	Hostwinds Seattle
ISP	Hostwinds LLC.
ASN	AS54290

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 8000

218737131 | 2024-05-03T16:33:47.953014

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHPR68uo8c7irvZ0kj2D9rth
IhmU1O5hov78Tk7hV+tZlgh+dN51okXVMrx1J/fhvXTa5g/zlOpwvU+aC/hGnk8=
Fingerprint: f2:2f:32:ac:4b:53:38:1e:4c:10:c7:ef:d4:e7:f5:1f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-29T22:47:02.533342

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 Apr 2024 22:47:02 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Mon, 01 Apr 2024 10:50:52 GMT
Connection: keep-alive
ETag: "660a918c-264"
Accept-Ranges: bytes

1470362729 | 2024-04-28T04:11:52.445388

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 04:11:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2292
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Vary: origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:8a:52:35:5a:b5:13:72:c3:4a:e3:a0:e5:d4:e4:86:9b:8c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  2 05:54:30 2024 GMT
            Not After : Jul  1 05:54:29 2024 GMT
        Subject: CN=hwsrv-1210806.hostwindsdns.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b3:79:66:e2:f7:54:c3:4b:ed:9c:f0:d9:76:a0:
                    c4:aa:d6:e6:10:71:e8:0b:9c:d5:95:e8:05:04:bc:
                    aa:c7:fb:38:1c:e7:53:8e:ee:17:87:fa:f3:48:b6:
                    68:ea:e3:db:4c:81:6c:9f:b6:a5:91:40:85:9b:61:
                    3e:d3:ec:f0:ae:ac:23:91:5f:2c:0a:05:bb:34:06:
                    43:34:2f:f7:4e:34:d5:3d:ab:3f:39:f2:3f:8f:70:
                    4b:22:2f:2c:0a:95:2f:3b:94:22:a9:b9:d1:23:bb:
                    22:ba:5a:63:ed:7d:43:c5:b1:d7:7e:a7:cb:ce:bc:
                    81:8a:25:bc:82:6f:49:24:59:c9:16:96:30:42:3c:
                    f9:93:b6:fe:d6:03:5f:bc:7c:f0:40:ca:d4:a7:04:
                    d8:51:9f:22:5c:a5:8d:cd:27:06:00:0e:3a:ea:5f:
                    59:7d:78:67:35:79:cd:54:d5:e7:92:81:fd:af:22:
                    b9:3f:43:97:0e:46:61:08:76:51:d9:67:d0:51:8e:
                    7e:9b:8f:1e:b2:72:c3:63:9f:6b:65:30:76:a4:62:
                    45:5e:a6:ae:ad:00:a9:64:0d:82:ff:29:40:e5:4c:
                    42:43:ee:c2:db:ab:45:b4:3a:fc:19:88:fc:cb:49:
                    21:bc:0d:88:07:36:9a:2e:94:7c:ee:35:52:98:e5:
                    04:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                28:E1:4C:92:1F:18:AF:32:5A:87:DE:CB:D8:CF:E0:D6:18:5F:67:4B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:hwsrv-1210806.hostwindsdns.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr  2 06:54:30.400 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:3D:D5:D3:74:30:82:97:2B:0F:62:A4:3D:
                                27:DD:90:F6:30:F2:2C:B7:A9:B1:87:5C:9D:A1:CE:56:
                                0D:04:7A:E0:02:20:5C:CB:C7:EC:7E:69:3E:13:BE:F0:
                                23:20:FF:75:59:E4:00:9A:9E:86:D6:D2:4F:72:C5:F5:
                                5D:7F:7B:5B:84:4C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Apr  2 06:54:30.408 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B5:AC:2F:AC:0F:04:6A:53:C7:65:6E:
                                86:61:C2:94:69:87:42:CE:65:0D:98:5C:A7:6F:26:7F:
                                9D:FC:80:34:3A:02:20:54:18:A4:4A:D2:A7:B9:47:39:
                                2B:F3:56:AD:43:9C:90:40:F7:8F:A0:52:4D:FA:B1:53:
                                9D:06:F4:5D:9D:76:91
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:35:d6:c1:4c:c1:9f:75:3d:60:34:2a:fe:8b:ed:cc:e4:90:
        00:9b:3f:0d:ce:d6:43:f7:f0:d4:89:ca:e7:df:58:78:bc:c4:
        4c:af:5c:f6:5b:e2:c8:dc:c6:c1:48:cf:9b:39:38:9b:35:77:
        9c:76:3a:76:2e:bc:4a:80:75:a6:eb:65:0e:42:68:c7:fe:6a:
        c4:d8:a7:a6:62:ae:fc:73:fe:e8:99:5d:52:29:31:c7:2d:99:
        d3:fd:a2:1f:4d:f1:bf:ec:87:07:87:64:07:64:29:61:25:d9:
        f9:ce:65:6b:8b:68:af:c0:8d:d4:0a:4d:4e:f9:a4:a6:f0:8e:
        17:51:85:ec:fc:c7:7e:4b:ea:7a:3d:39:ec:d1:be:ba:4a:f1:
        81:75:19:11:0e:20:85:14:e1:a0:a1:5e:e0:4f:02:23:5b:f7:
        f9:c0:2e:72:7c:fd:81:1f:4d:16:ca:b8:b0:98:13:63:98:b5:
        aa:99:2c:20:1c:8b:10:be:0c:be:9d:a2:ff:d3:2e:d2:7b:c7:
        e9:2b:02:2d:8a:29:00:9c:f4:a8:99:52:cf:a4:ab:89:43:61:
        b4:a5:e5:52:a3:96:ca:d9:50:53:9d:0b:0e:01:3d:f3:70:f9:
        99:cf:9e:e2:e2:6a:a9:71:3e:a3:c7:16:eb:1c:0e:f3:ac:67:
        2c:9e:5f:72

1995913754 | 2024-04-22T15:44:08.011658

8000 / tcp

HTTP/1.1 404 Not Found
Server: gunicorn
Date: Mon, 22 Apr 2024 15:44:07 GMT
Connection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY
Content-Length: 2291
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Vary: origin

192.236.192.44

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

218737131 | 2024-05-03T16:33:47.953014
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1651973090 | 2024-04-29T22:47:02.533342
80 / tcp

nginx1.18.0

1470362729 | 2024-04-28T04:11:52.445388
443 / tcp

nginx1.18.0

1995913754 | 2024-04-22T15:44:08.011658
8000 / tcp

Products

Pricing

Contact Us

192.236.192.44

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

218737131 | 2024-05-03T16:33:47.953014 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1651973090 | 2024-04-29T22:47:02.533342 80 / tcp

nginx1.18.0

1470362729 | 2024-04-28T04:11:52.445388 443 / tcp

nginx1.18.0

1995913754 | 2024-04-22T15:44:08.011658 8000 / tcp

Products

Pricing

Contact Us

218737131 | 2024-05-03T16:33:47.953014
22 / tcp

1651973090 | 2024-04-29T22:47:02.533342
80 / tcp

1470362729 | 2024-04-28T04:11:52.445388
443 / tcp

1995913754 | 2024-04-22T15:44:08.011658
8000 / tcp