GeneralInformation

Hostnames	code4lib.social 207.148.11.97.vultrusercontent.com
Domains	code4lib.social vultrusercontent.com
Cloud Provider	Vultr
Country	United States
City	Elk Grove Village
Organization	Vultr Holdings, LLC
ISP	The Constant Company, LLC
ASN	AS20473

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 123 443

-2035649491 | 2024-05-06T16:49:28.046013

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDA0SwQUSyrgFY+ZPAEAYhevMF9tnK4r2AvBGFt/jq7cIGh
Xvq4J6BYrqqrqVxDEY19vzp1yWHtU1vSM4IXDK1kDs4PHSW155+fqQPmxPvR2Vu6pvRajd12jKPj
r2+Hb6yhDw6gMynvsE6dMX1ilgC5jP3hqLDzN99j9ui+HqE/j2a9L1Kq3J619bm5dzyfSXsrKckX
Srx++OwTP67meijusEZfNlssApY1PhAm3A4MI+7Ix+Z8WxLt9PdCEaoTrPctNiiLmBC0a/jrLlP2
b5sltFmmfew7owYr7GudvbKSJzxEj8+x2htqwQnMwcPQiyibg1qFXO3kSsE1j0qLrwQd
Fingerprint: d2:58:cc:df:11:cb:9b:50:de:dc:23:8a:f4:4e:a2:e1

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

589765266 | 2024-05-21T12:02:58.668777

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 21 May 2024 12:02:58 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://207.148.11.97/

-839826521 | 2024-05-19T15:01:41.058496

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -24
rootdelay: 0.0150299072266
rootdisp: 0.0354766845703
refid: 3652506070
reftime: 3925118654.04
poll: 3

-1966244115 | 2024-05-21T12:03:07.926853

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 21 May 2024 12:03:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 22689
Connection: keep-alive
Vary: Accept-Encoding
Server: Mastodon
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Referrer-Policy: same-origin
Vary: Accept, Accept-Language, Cookie
Link: </packs/js/locale/en-json-f5510c22fd7d55be6ad5.chunk.js>; rel=preload; as=script; type=text/javascript; integrity=sha256-SplOegOXiFZpzYhklmglSpSNDKjU9dqJdQ2hIA2uWks=
Cache-Control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
ETag: W/"b5f177ec2a84cde77fac68dea1ccd9ae"
Content-Security-Policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://code4lib.social; img-src 'self' https: data: blob: https://code4lib.social; style-src 'self' https://code4lib.social 'nonce-h9A0KKMajxi8P6XhvN3fuw=='; media-src 'self' https: data: https://code4lib.social; frame-src 'self' https:; manifest-src 'self' https://code4lib.social; form-action 'self'; child-src 'self' blob: https://code4lib.social; worker-src 'self' blob: https://code4lib.social; connect-src 'self' data: blob: https://code4lib.social https://s3-us-east-2.amazonaws.com wss://code4lib.social; script-src 'self' https://code4lib.social 'wasm-unsafe-eval'
X-Request-Id: 0f0b3ebd-1c71-4c56-94ea-fff797fa3b9d
X-Runtime: 0.016314
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Cached: STALE

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:1b:06:e4:45:f1:ff:22:fb:3b:86:4e:3c:3c:96:91:74:e4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 15 05:32:11 2024 GMT
            Not After : Jul 14 05:32:10 2024 GMT
        Subject: CN=code4lib.social
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:cf:3a:ab:4e:6e:05:dc:fa:cb:21:47:8e:86:
                    a8:d2:42:47:8e:5d:62:45:4f:bf:b4:ac:c5:5a:bb:
                    1f:dc:c8:af:c5:93:aa:8e:c8:3b:53:29:ff:49:bd:
                    67:39:36:c9:38:6d:b4:b9:34:6e:6f:3a:8e:8a:fc:
                    08:72:fc:80:e3:36:c3:7d:08:73:f2:6d:a4:41:e1:
                    bd:52:8f:20:b0:0f:fd:97:d8:64:b6:74:06:37:a1:
                    89:b5:ea:b4:fc:e8:41:7e:59:ad:4d:97:56:b1:12:
                    f3:a3:43:8a:c4:00:de:52:6d:10:e3:9a:9c:0e:67:
                    dd:ff:8f:0f:3e:8b:d2:47:a5:b4:d3:c5:17:e6:ee:
                    d3:6a:86:45:0c:e2:62:4f:92:c9:81:b0:b4:aa:a1:
                    8c:c4:83:f8:10:19:67:46:1e:92:57:ee:3e:ca:7f:
                    e1:37:d9:3d:5e:40:fc:b6:3c:5a:a1:73:fd:8b:d6:
                    ed:22:18:0c:80:9e:8a:47:fb:d8:93:3f:83:ef:f7:
                    e7:a6:f7:52:6f:a9:83:f7:34:7b:9b:70:6c:ac:31:
                    a7:59:d8:1b:4d:d8:15:94:70:09:cf:67:92:3d:0f:
                    29:f2:fb:be:a9:cf:5a:aa:3a:9d:3c:05:8e:3d:a0:
                    db:11:32:2a:bc:88:f4:f5:a2:00:0e:97:4d:65:0a:
                    21:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6A:58:0B:12:09:1D:7A:4F:A4:86:5F:C9:5F:92:BA:4F:B2:47:A4:05
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:code4lib.social
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 15 06:32:11.382 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8F:8B:11:10:8F:4F:91:6D:5A:2A:5C:
                                2F:9E:8E:42:0A:00:10:26:B2:BF:2E:3E:26:7E:37:CB:
                                8A:43:35:0C:CC:02:20:44:9A:3E:6F:F3:AB:8B:B4:D7:
                                DE:27:1F:74:3B:6D:E1:50:44:45:A2:27:2D:01:9C:33:
                                74:89:48:50:F1:A2:F7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 15 06:32:11.590 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:98:71:1A:49:A3:AF:58:A5:5D:2A:DF:
                                59:0C:CF:48:E7:A4:51:E7:32:FE:0C:B1:FE:8F:01:A4:
                                57:AE:4C:F0:7C:02:20:61:28:6C:72:F4:99:EC:3A:BB:
                                D0:0C:6B:90:21:20:B9:0E:73:48:D1:FC:3B:7E:C6:98:
                                E3:7E:CC:D3:EA:40:FB
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b0:88:a0:c6:24:8f:8e:d2:c4:c4:c1:66:96:e0:8b:4b:86:19:
        22:41:03:e4:96:23:07:dd:d6:77:96:f7:4b:b6:b2:43:8f:1f:
        d9:71:c0:1d:eb:b2:c1:2b:23:a4:8e:fd:4c:8a:f9:d3:59:35:
        df:9a:6a:1b:78:fc:3b:c8:fd:9c:b5:c6:5c:c1:c0:99:de:a5:
        ea:d0:9c:a7:ab:9c:b6:1c:4d:5a:99:4a:f4:46:7b:86:86:c9:
        4b:60:9b:cc:70:ea:24:5b:f2:f2:04:31:c6:e5:35:d3:3a:ae:
        90:6b:4e:b8:23:c1:0a:32:eb:73:0b:8c:fa:7e:ee:5e:23:7f:
        5e:ea:f6:61:f8:e2:59:92:73:96:a0:58:e0:57:13:dc:8a:10:
        ce:fb:3a:dc:fe:71:86:7c:6a:9d:53:af:d6:d5:12:a7:22:b9:
        e2:a9:c4:65:09:79:73:c3:2e:fd:42:87:ef:48:7f:62:da:f8:
        64:2e:57:df:d5:ac:90:28:ae:3f:52:1b:b2:c4:d8:95:f7:2b:
        8d:6e:15:c0:74:fd:cf:b7:ab:98:d6:76:16:4a:88:52:7d:0d:
        64:e0:eb:7a:17:32:c3:2c:95:06:26:fd:bb:58:be:58:3c:37:
        33:6c:28:2a:98:ca:dc:ed:51:d5:44:bc:24:a7:08:cd:80:43:
        47:26:ce:45

207.148.11.97

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2035649491 | 2024-05-06T16:49:28.046013
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

589765266 | 2024-05-21T12:02:58.668777
80 / tcp

nginx1.18.0

-839826521 | 2024-05-19T15:01:41.058496
123 / udp

-1966244115 | 2024-05-21T12:03:07.926853
443 / tcp

Products

Pricing

Contact Us

207.148.11.97

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2035649491 | 2024-05-06T16:49:28.046013 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

589765266 | 2024-05-21T12:02:58.668777 80 / tcp

nginx1.18.0

-839826521 | 2024-05-19T15:01:41.058496 123 / udp

-1966244115 | 2024-05-21T12:03:07.926853 443 / tcp

Products

Pricing

Contact Us

-2035649491 | 2024-05-06T16:49:28.046013
22 / tcp

589765266 | 2024-05-21T12:02:58.668777
80 / tcp

-839826521 | 2024-05-19T15:01:41.058496
123 / udp

-1966244115 | 2024-05-21T12:03:07.926853
443 / tcp