GeneralInformation

Hostnames	vmi1817545.contaboserver.net acesso.solux.fun app.solux.fun storage.solux.fun
Domains	contaboserver.net solux.fun
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3001 9000

1266619786 | 2024-05-14T18:58:35.167809

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDOGmfyoCWgy8ZNxut/9NUP679Y2xKNUIaYJs19fBP/AL+9
xftheM+su2Z+DKlC1AQArz/PCzbrwRJ0U2Nnas2KOEUqCVE7ZNUarxwHF4I6dDdNiwWNG+AUds4Z
fUX1o0YamUculCtywyWhjVTSCcE9w7Mwp1o/6Xw+f8dnBdIeMRbRHwCUzSi/Q5IbsqHHrJ1XYFdN
ootzIL1QVo2ETiSQ+Gf0fu19ozMaQUNlNxot7KdL3+aI4dJw4x8oucDjc3OMn9Axgn68SkQ5a08Q
qUl6tldumO9p1K3Fnue9JC2RfP7cnWUhQeenovDwmymFJ8xtAAClbo3myh5yct8VWD9ZSi34+BPM
HEYcOF7UnegdrTRk2MlLNH2vjbGdBEB/q4BarRBL2eFd0t/r97T9qoW+CbkngQJ5DjhCmlhXYniX
0zA6c+1dbP66/DGVU3VLQXxxuiuaDd5i5yq3AKoL4tFMD9aynFV19CKTmEWZo6vud2PQuqfSOOT4
Fbr5i59lHEAVcI9OQQOJt3nCq2yk2d6a93RjveRdSEdRvVckJmvTIEgC4//8DjiU4JFt9voIlKrS
RjCnjIdBtECHpKCdizvJ9DooVARLj6D+DaJLrBLHxrF5S5NR8Ld1iqNphbyGgrpUJUtJXV50mz0r
9oTOs7kr/OxB9UZN8R46W66r17lXdQ==
Fingerprint: 68:63:4e:b1:5a:56:01:4f:f9:f1:b3:f8:59:66:d6:f3

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-05-19T16:00:44.418813

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 19 May 2024 16:00:44 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 19 Apr 2024 21:59:12 GMT
Connection: keep-alive
ETag: "6622e930-264"
Accept-Ranges: bytes

793058366 | 2024-05-16T05:14:49.995396

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 May 2024 05:14:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1838
Connection: keep-alive
X-Powered-By: Next.js
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
ETag: "xjfpelk8kj1f2"
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ba:30:24:d6:5c:09:4d:7d:c6:35:a3:3d:d2:d5:fa:af:18
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 19 21:01:41 2024 GMT
            Not After : Jul 18 21:01:40 2024 GMT
        Subject: CN=acesso.solux.fun
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f3:53:b3:19:6d:13:60:d8:6f:21:94:42:bb:f4:
                    75:30:5c:63:07:12:40:a8:cb:2a:4a:85:ae:ed:06:
                    45:d0:47:43:b1:84:24:c9:a7:af:ec:af:5f:5f:94:
                    7e:e2:07:ac:51:37:83:8f:72:b5:ad:86:b5:00:92:
                    9b:49:4c:29:0c:62:dc:ef:a1:19:2e:95:66:00:3c:
                    67:bd:5c:54:4c:15:8a:f6:c1:7c:20:b0:6e:56:9d:
                    c5:19:4e:94:74:18:f6:35:89:dd:08:f1:42:88:f8:
                    90:24:02:a7:82:30:f5:d8:4b:93:f5:c9:06:6e:ad:
                    a4:e1:0a:cf:5c:de:9b:1d:59:ca:a0:44:90:d2:81:
                    bf:19:3b:6a:e7:35:aa:84:9a:2f:38:d5:3d:56:c8:
                    ce:56:6a:c1:4e:5b:ff:7e:07:43:f7:53:db:d8:36:
                    08:b6:2a:3e:76:c5:9e:04:65:a6:e4:b5:ee:03:b3:
                    65:85:d4:33:59:f3:a2:8b:ef:92:49:8e:3c:80:3f:
                    cd:7f:b3:0e:dc:c7:13:c5:cb:c9:2b:b7:5f:32:ce:
                    36:9c:69:e5:56:81:81:dd:9e:1d:6d:fc:48:f0:b9:
                    13:a9:9c:d0:11:80:8a:eb:93:2f:10:67:47:6d:db:
                    ac:ca:0d:2e:0b:5c:3f:68:7b:14:cd:84:41:fb:33:
                    25:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BA:D7:B3:36:CC:20:AE:B2:54:73:24:D9:80:0E:1B:6C:FB:E2:D2:4F
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:acesso.solux.fun, DNS:app.solux.fun, DNS:storage.solux.fun
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 19 22:01:41.608 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5E:84:0E:9E:5F:D8:FC:F0:4C:CA:32:D7:
                                04:F3:D3:EB:6F:BD:23:7A:10:77:EC:7F:8F:31:95:17:
                                1D:2E:80:E1:02:21:00:B3:B6:6C:9A:6C:03:0A:7C:47:
                                A5:FF:0E:7E:8C:6B:C0:C3:94:04:92:9B:1E:C1:12:B7:
                                32:22:FC:9D:D8:E6:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 19 22:01:41.634 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:92:F7:9F:B9:D6:F7:32:19:A1:23:B9:
                                51:CF:59:4F:08:99:9D:D8:F5:6C:2E:ED:19:26:62:28:
                                73:E6:C4:0B:1B:02:20:66:3B:7A:B0:4C:39:56:AD:DB:
                                F5:C7:0D:52:D0:5D:FC:2C:84:61:59:F5:88:79:14:E9:
                                01:58:E4:04:C5:1B:4B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        27:ef:c4:d8:d3:71:94:12:aa:b2:8e:7a:a6:03:54:74:6b:39:
        76:ed:50:49:18:d0:01:e5:b0:21:c7:8b:28:8e:59:79:6c:82:
        c9:38:3a:7f:15:db:b9:a8:6a:dd:0a:6d:83:ce:46:16:e7:07:
        54:80:ab:e5:89:34:f7:b0:6b:f2:37:a7:47:8d:8d:88:e5:41:
        a0:46:92:45:ba:ae:63:a1:4d:8c:02:d3:ff:b3:8d:c7:ac:93:
        f2:a2:56:b9:86:e1:fc:28:bd:ea:fa:23:01:55:af:a1:03:d3:
        dd:65:28:36:c2:c4:06:62:81:b3:e6:03:2d:b4:40:86:aa:9e:
        6f:b6:ed:49:a8:a2:ea:16:89:f8:82:cf:5d:13:bd:1a:81:a5:
        d1:d0:8a:ef:3d:04:4c:68:35:d8:78:65:06:ac:66:b7:31:23:
        82:22:84:8f:c9:9a:ee:94:e5:0c:5e:17:3b:37:9c:6d:9d:02:
        95:2e:09:ee:f9:fb:22:7a:77:fc:5d:6f:31:28:02:33:7f:3f:
        96:62:ac:a5:8a:83:e0:88:56:28:27:1b:16:1f:01:12:c7:53:
        71:f3:db:bf:1a:9e:4c:9d:f2:b6:51:65:20:b3:64:71:5b:34:
        51:f8:e8:37:96:fa:58:56:f8:ef:b9:6f:76:e4:c9:cd:e1:da:
        1a:f8:6f:dc

-1246004407 | 2024-05-15T16:48:31.808465

3001 / tcp

HTTP/1.1 400 Bad Request
Connection: close

1755845226 | 2024-05-12T03:31:19.417082

9000 / tcp

HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: http://193.203.15.185:33935
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17CEA03A12195B74
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Sun, 12 May 2024 03:31:19 GMT
Content-Length: 63

193.203.15.185

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1266619786 | 2024-05-14T18:58:35.167809
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-19T16:00:44.418813
80 / tcp

nginx1.18.0

793058366 | 2024-05-16T05:14:49.995396
443 / tcp

nginx1.18.0

-1246004407 | 2024-05-15T16:48:31.808465
3001 / tcp

1755845226 | 2024-05-12T03:31:19.417082
9000 / tcp

Products

Pricing

Contact Us

193.203.15.185

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1266619786 | 2024-05-14T18:58:35.167809 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-19T16:00:44.418813 80 / tcp

nginx1.18.0

793058366 | 2024-05-16T05:14:49.995396 443 / tcp

nginx1.18.0

-1246004407 | 2024-05-15T16:48:31.808465 3001 / tcp

1755845226 | 2024-05-12T03:31:19.417082 9000 / tcp

Products

Pricing

Contact Us

1266619786 | 2024-05-14T18:58:35.167809
22 / tcp

1651973090 | 2024-05-19T16:00:44.418813
80 / tcp

793058366 | 2024-05-16T05:14:49.995396
443 / tcp

-1246004407 | 2024-05-15T16:48:31.808465
3001 / tcp

1755845226 | 2024-05-12T03:31:19.417082
9000 / tcp