GeneralInformation

Hostnames	openstreetmap.fr dev.analyser.openstreetmap.fr api-pic4carto.openstreetmap.fr dev.bano.openstreetmap.fr bato.openstreetmap.fr cadastre.openstreetmap.fr discourse.openstreetmap.fr educosm.openstreetmap.fr forum.openstreetmap.fr dev.forum.openstreetmap.fr garmin.openstreetmap.fr librenms.openstreetmap.fr live.openstreetmap.fr maposmatic.openstreetmap.fr mobilizon.openstreetmap.fr monitor.openstreetmap.fr munin.openstreetmap.fr next.openstreetmap.fr nextcloud.openstreetmap.fr notes-heatmap.openstreetmap.fr osm26.openstreetmap.fr osm27.openstreetmap.fr osm28.openstreetmap.fr osmma.openstreetmap.fr osmose.openstreetmap.fr beta.osmose.openstreetmap.fr buildbot.osmose.openstreetmap.fr opendata.osmose.openstreetmap.fr peertube.openstreetmap.fr petitereine.openstreetmap.fr prev.openstreetmap.fr sotm2018.openstreetmap.fr sotm2019.openstreetmap.fr sotm2020.openstreetmap.fr sotm2022.openstreetmap.fr sotm2023.openstreetmap.fr sotm2024.openstreetmap.fr stats.openstreetmap.fr taginfo.openstreetmap.fr dev.taginfo.openstreetmap.fr backup.umap.openstreetmap.fr old.umap.openstreetmap.fr www.openstreetmap.fr tile.openstreetmap.ma dev.tile.openstreetmap.ma fr.osm.social api.pic4review.pavie.info
Domains	openstreetmap.fr openstreetmap.ma osm.social pavie.info
Country	France
City	Lille
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 111 123 443 3128 4949

-985193415 | 2024-04-26T23:25:02.562618

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCVxVgqrf8yW54qJ5uo07i5lj2YStv6WFvYGcePI9P6I3lc
ZQ+igwZKn5mkRXnDvD0HFLuHKJWpri3SaDERJlGQnZwrewPibzygwalkBhm5h2NKvx8fpOI66mbX
8MwC4Gs0ZsAk/I3FurIvvGr7LaWYU6r2WX/mrvqvCAv3PAOIc9ffVW0Gqk1zoRZk3IacJ0BKzlPv
p4i17zqla48s3ltNn2Mw4y6HtHr8Rbr6FsPKH4nXe1JPWmXsRG2gJ4zSCE204nq/gjiBfRBZ9Ijb
AsS+cUMYBJIoIar5nckdOYAH5D1yFP2sGEhLwbfl/kOSxaT2B/jia0m2y6YVQx7OKZdf19SMHfB9
1mJisNbtcXXnlZ1ztgc9vcIv3YYU93ELZoYKUg4xMb7Y28hyu6K33mHyy2rrLZ1usD8XX1iva01Z
FQ3He//48dZRPsU+X/Ykr6MKsNbnyWqe8Hzgz8jUxi1AZPJ2cX4d5jS0rB5Y3IazkqmUFQHMsFqV
h/cYWc7Levk=
Fingerprint: 0d:2a:3a:6e:b6:c8:c6:e8:51:35:2f:bd:8b:a6:33:40

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-26T22:56:11.140715

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 22:56:11 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Sun, 12 Mar 2023 18:08:07 GMT
Connection: keep-alive
ETag: "640e1507-264"
Accept-Ranges: bytes

927828429 | 2024-04-26T23:00:54.417625

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	38292
status	1	tcp	39947
nlockmgr	1	udp	48514
nlockmgr	3	udp	48514
nlockmgr	4	udp	48514
nlockmgr	1	tcp	38529
nlockmgr	3	tcp	38529
nlockmgr	4	tcp	38529

927828429 | 2024-04-26T23:56:59.804692

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	38292
status	1	tcp	39947
nlockmgr	1	udp	48514
nlockmgr	3	udp	48514
nlockmgr	4	udp	48514
nlockmgr	1	tcp	38529
nlockmgr	3	tcp	38529
nlockmgr	4	tcp	38529

822374591 | 2024-04-27T00:12:15.858447

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -24
rootdelay: 0.00473022460938
rootdisp: 0.0269317626953
refid: 96772235
reftime: 3923164815.32
poll: 3

1741675827 | 2024-04-26T23:40:01.449819

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0
Date: Fri, 26 Apr 2024 23:40:01 GMT
Content-Type: text/html
Content-Length: 559
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:e6:4b:89:e8:48:23:1a:b3:99:c0:6e:71:65:5e:26:99:05
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar  8 16:38:09 2024 GMT
            Not After : Jun  6 16:38:08 2024 GMT
        Subject: CN=osm26.openstreetmap.fr
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:db:83:e4:2f:09:13:16:4d:b5:60:9c:c4:22:b2:
                    05:19:1e:9b:da:c0:74:db:6b:17:27:02:a0:7f:54:
                    38:ab:84:63:a5:00:5c:b9:9b:a5:c0:21:2f:be:21:
                    06:97:2d:bd:a7:28:7a:dc:80:7f:96:92:5f:4d:ef:
                    22:f5:a4:8e:b8:51:19:63:e7:5d:68:60:4c:f0:a5:
                    0d:c9:4a:fa:63:9d:ad:7a:f3:c5:b4:a3:91:91:b4:
                    d6:d2:d3:07:a5:b9:18:df:d9:d0:ec:3a:09:0d:f1:
                    a6:f3:d5:e0:8c:1e:4e:d9:ab:8e:d5:7b:f7:58:a1:
                    20:6c:58:0c:24:e0:53:c8:61:87:6a:41:b6:72:e1:
                    72:cf:9b:fe:ac:a6:25:c9:00:e0:14:68:61:a1:23:
                    d2:58:63:77:71:81:d5:c0:bc:33:a8:79:51:8e:22:
                    72:8e:9b:e1:df:9c:cf:26:5d:b5:2f:a8:f2:44:a3:
                    35:75:9a:b7:08:33:f2:5c:ba:85:28:90:c2:6e:51:
                    93:e8:92:49:20:9f:0e:4b:ab:c7:f0:22:e4:ac:a7:
                    6c:a7:cc:2f:7e:38:e6:c5:4d:f8:88:f0:25:fd:2f:
                    f9:9c:14:63:ea:40:06:7c:05:b4:d1:6e:20:44:8d:
                    5a:9c:39:83:31:fc:68:7e:fe:76:2a:7a:0a:07:69:
                    dd:06:a5:b0:b2:2c:45:83:e3:78:3f:98:d4:ad:d0:
                    99:5c:15:da:e2:20:20:7f:66:d1:15:72:59:9a:fe:
                    77:b0:c4:67:8e:6b:cb:b3:4f:d5:a3:d3:b3:20:27:
                    fd:d7:1a:ad:34:86:3b:67:36:d2:41:14:02:a1:23:
                    26:d9:2a:9f:bc:72:a9:0f:6b:0a:fe:88:9b:b6:d1:
                    8d:19:18:4c:87:40:17:dc:95:27:48:a9:05:dd:07:
                    d7:c2:25:65:75:b2:7d:7b:48:82:13:60:2e:59:f9:
                    34:60:d2:27:d8:f2:01:2d:df:5e:46:ec:44:a5:9b:
                    d6:fd:73:d7:31:69:d6:78:0a:11:52:8a:51:f2:31:
                    76:3f:57:72:38:ca:d1:c8:86:b6:cf:07:b8:f1:ab:
                    04:9f:09:25:f1:44:04:42:14:4a:35:19:3e:56:00:
                    f7:bd:95:44:4e:c1:f4:99:48:42:6d:ff:e8:ae:d8:
                    6f:84:55:06:2c:c3:86:73:e1:34:05:b1:b1:e4:66:
                    01:ae:8d:5f:60:c4:ef:1e:60:ff:7e:c8:22:81:e9:
                    c8:c1:e2:a0:a8:34:00:49:de:27:c9:fc:d8:c3:4e:
                    eb:2b:1b:ae:16:4d:a5:31:2f:0b:1f:76:bf:3e:2d:
                    f2:4f:9d:a1:dc:89:37:2a:22:72:fd:89:5b:0b:ed:
                    5f:c1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                12:A2:AC:07:E5:56:C9:B7:79:F0:E7:5F:BC:29:4B:DD:51:09:F6:50
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api-pic4carto.openstreetmap.fr, DNS:api.pic4review.pavie.info, DNS:backup.umap.openstreetmap.fr, DNS:bato.openstreetmap.fr, DNS:beta.osmose.openstreetmap.fr, DNS:buildbot.osmose.openstreetmap.fr, DNS:cadastre.openstreetmap.fr, DNS:dev.analyser.openstreetmap.fr, DNS:dev.bano.openstreetmap.fr, DNS:dev.forum.openstreetmap.fr, DNS:dev.taginfo.openstreetmap.fr, DNS:dev.tile.openstreetmap.ma, DNS:discourse.openstreetmap.fr, DNS:educosm.openstreetmap.fr, DNS:forum.openstreetmap.fr, DNS:fr.osm.social, DNS:garmin.openstreetmap.fr, DNS:librenms.openstreetmap.fr, DNS:live.openstreetmap.fr, DNS:maposmatic.openstreetmap.fr, DNS:mobilizon.openstreetmap.fr, DNS:monitor.openstreetmap.fr, DNS:munin.openstreetmap.fr, DNS:next.openstreetmap.fr, DNS:nextcloud.openstreetmap.fr, DNS:notes-heatmap.openstreetmap.fr, DNS:old.umap.openstreetmap.fr, DNS:opendata.osmose.openstreetmap.fr, DNS:openstreetmap.fr, DNS:osm26.openstreetmap.fr, DNS:osm27.openstreetmap.fr, DNS:osm28.openstreetmap.fr, DNS:osmma.openstreetmap.fr, DNS:osmose.openstreetmap.fr, DNS:peertube.openstreetmap.fr, DNS:petitereine.openstreetmap.fr, DNS:prev.openstreetmap.fr, DNS:sotm2018.openstreetmap.fr, DNS:sotm2019.openstreetmap.fr, DNS:sotm2020.openstreetmap.fr, DNS:sotm2022.openstreetmap.fr, DNS:sotm2023.openstreetmap.fr, DNS:sotm2024.openstreetmap.fr, DNS:stats.openstreetmap.fr, DNS:taginfo.openstreetmap.fr, DNS:tile.openstreetmap.ma, DNS:www.openstreetmap.fr
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar  8 17:38:09.852 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F3:B4:12:C7:1D:7C:87:A0:9A:F0:D6:
                                97:99:E2:79:F4:3B:08:14:89:50:42:A3:4F:61:B1:CD:
                                DA:C0:64:33:3E:02:21:00:D3:63:AD:33:F8:17:E0:E0:
                                51:0B:A1:76:4E:F6:66:50:9D:D2:2D:01:01:F9:89:18:
                                46:A6:46:9F:B9:13:80:42
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar  8 17:38:09.878 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:30:8F:47:E4:E0:02:03:F8:DF:04:12:81:
                                DA:87:EE:F7:35:43:C8:49:D7:A8:55:35:99:91:DC:1C:
                                58:4E:A8:CA:02:20:10:6C:F7:AA:80:A2:1D:BB:5F:D1:
                                80:DC:40:D7:EC:7B:34:3B:14:72:DE:C2:0D:AC:45:A6:
                                66:D1:94:42:60:FB
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        51:6d:c6:b4:85:9f:4f:0f:99:8c:0b:4c:7a:39:1b:f8:99:48:
        d6:cb:2a:f7:51:c7:66:83:b5:b5:cb:52:9b:09:ae:02:83:0e:
        03:44:af:07:9d:9c:9f:49:98:c4:51:9d:25:83:8a:07:6d:78:
        af:4c:9d:cf:7e:af:7f:25:d4:cf:6d:79:93:54:0a:ab:42:6d:
        2d:16:9d:b7:c5:0f:e3:69:60:f5:d1:fe:72:e5:3d:f4:51:a6:
        a4:70:bb:96:1c:b2:23:8d:78:ec:ce:e3:b1:dc:95:be:4a:64:
        94:18:5b:6e:70:ea:a6:46:47:a4:92:ab:6e:10:dc:34:12:89:
        e7:de:6b:f2:62:17:98:a7:a3:3f:42:9b:6e:02:cf:a8:75:17:
        0d:2e:bf:cc:cb:c8:6f:36:e2:1c:82:37:a0:2d:d4:28:96:4a:
        b2:38:5a:5e:78:05:4c:72:44:85:26:bb:76:68:ad:bc:b1:7b:
        45:f6:e7:22:7d:45:95:a2:56:93:ff:20:5a:4b:fd:69:b5:b3:
        1d:3d:d9:4f:02:7e:cc:87:ab:f9:8c:ee:ed:3e:b7:c8:7b:57:
        bf:70:79:df:aa:91:43:f7:87:d1:5f:2c:a3:6b:41:75:cd:5e:
        b1:ad:4e:7d:42:73:d8:88:06:92:4f:89:03:f6:80:b7:78:41:
        88:3d:42:9b

967715718 | 2024-04-26T23:25:13.930675

3128 / tcp

HTTP/1.1 501 method 'GET' not available
Cache-Control: max-age=0
Connection: close
Date: Fri, 26 Apr 2024 23:25:13 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Expires: Fri, 26 Apr 2024 23:25:13 GMT

2001:41d0:1008:1f84::27

Last Seen: 2024-04-27

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-985193415 | 2024-04-26T23:25:02.562618
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-26T22:56:11.140715
80 / tcp

nginx1.18.0

927828429 | 2024-04-26T23:00:54.417625
111 / tcp

927828429 | 2024-04-26T23:56:59.804692
111 / udp

822374591 | 2024-04-27T00:12:15.858447
123 / udp

1741675827 | 2024-04-26T23:40:01.449819
443 / tcp

nginx1.18.0

967715718 | 2024-04-26T23:25:13.930675
3128 / tcp

Products

Pricing

Contact Us

2001:41d0:1008:1f84::27

Last Seen: 2024-04-27

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-985193415 | 2024-04-26T23:25:02.562618 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-26T22:56:11.140715 80 / tcp

nginx1.18.0

927828429 | 2024-04-26T23:00:54.417625 111 / tcp

927828429 | 2024-04-26T23:56:59.804692 111 / udp

822374591 | 2024-04-27T00:12:15.858447 123 / udp

1741675827 | 2024-04-26T23:40:01.449819 443 / tcp

nginx1.18.0

967715718 | 2024-04-26T23:25:13.930675 3128 / tcp

Products

Pricing

Contact Us

-985193415 | 2024-04-26T23:25:02.562618
22 / tcp

1651973090 | 2024-04-26T22:56:11.140715
80 / tcp

927828429 | 2024-04-26T23:00:54.417625
111 / tcp

927828429 | 2024-04-26T23:56:59.804692
111 / udp

822374591 | 2024-04-27T00:12:15.858447
123 / udp

1741675827 | 2024-04-26T23:40:01.449819
443 / tcp

967715718 | 2024-04-26T23:25:13.930675
3128 / tcp