GeneralInformation

Hostnames	hosted-by.leaseweb.com
Domains	leaseweb.com
Country	Netherlands
City	Volendam
Organization	LeaseWeb Netherlands B.V.
ISP	LeaseWeb Netherlands B.V.
ASN	AS60781
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 81 91 443 1935 3000 3306 4000 6881 8000 8081 8085 8090 8181 8443 8787 9000 9090 9091 32400

-367012876 | 2024-05-28T16:49:35.941531

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC/neucbSpNoh3BI1R3E93s3ANns5kO85H4vyz9Oy82i3qe
ki9z6eTGysMX8IhToO9rtgXHwLJOmjxw9uCRVVbD5DaQyL80MR1h8/5L1BhBYWy0K94xUeiyBmPl
Ex8INeo3/cgIdV3Odr0Be2o2YPUtxGBElUQExSWsYV4JGa6bCeew/fTh4JAY6QzEAdR4GaOn34NA
aHtIU1ZU0RLdVUXEhGfGKQpSs408Q7+cyxgM048QSp8n7xwVhchffWcE9Wa+0ZuLzxdxCCTGocNy
JKzQ5iuV0A/X1RKEPt12ylqk8aa6HGNoo6lLHF78bwrV2CMzCr4Swi0vokcZZXM56bguIRPrwRDF
9VLTVPsmOkv2A01d3x5eIaddltBxgBURmcq1tQCBudOIMoGnKYxb0Np/rXmLh++bcqcSvCCBsYJU
aOC+fctY61q6GA5YwthE55XBI0msEApnDkskdo6xzaXAWWxPuDqnbE5F3VhGgNaT+N8HXtcUXu98
zMgqohtGX0U=
Fingerprint: ad:43:bb:87:2a:a5:ef:18:22:ae:ff:be:ac:cf:21:25

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

359696613 | 2024-05-15T06:26:54.757522

80 / tcp

HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 15 May 2024 06:26:54 GMT
Content-Type: text/html
Content-Length: 552
Connection: keep-alive

-1671507459 | 2024-05-16T01:39:31.816489

81 / tcp

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 16 May 2024 01:39:31 GMT
Content-Type: text/html
Content-Length: 1693
Last-Modified: Fri, 10 May 2024 14:34:41 GMT
Connection: keep-alive
ETag: "663e3081-69d"
Accept-Ranges: bytes

-1622083909 | 2024-05-27T21:30:14.358402

91 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 27 May 2024 21:30:14 GMT
Content-Type: text/html
Content-Length: 2202
Last-Modified: Wed, 09 Nov 2022 18:25:13 GMT
Connection: keep-alive
ETag: "636bf089-89a"
Accept-Ranges: bytes

1326801314 | 2024-05-30T06:36:18.021103

443 / tcp

SSL Error: TLSV1_UNRECOGNIZED_NAME

1549277766 | 2024-05-30T09:30:24.621968

1935 / tcp

RTMP Server

1847255513 | 2024-05-25T04:04:00.844954

3000 / tcp

HTTP/1.1 200 OK
x-nextjs-cache: HIT
X-Powered-By: Next.js
ETag: "ao8ly5gcven9f"
Content-Type: text/html; charset=utf-8
Content-Length: 30151
Cache-Control: s-maxage=31536000, stale-while-revalidate
Vary: Accept-Encoding
Date: Sat, 25 May 2024 04:04:00 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-405518129 | 2024-05-21T13:19:30.418433

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.11.2-MariaDB-1:10.11.2+maria~ubu2204
  Capabilities: 63486
  Server Language: 45
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

-1246004407 | 2024-05-20T05:33:39.496977

4000 / tcp

HTTP/1.1 400 Bad Request
Connection: close

682999421 | 2024-05-03T12:15:06.345084

6881 / udp

DHT Nodes
72.109.158.125	20171
16.94.28.120	40772
64.246.79.210	62786
191.30.203.132	20825
242.187.75.12	56580
1.62.200.234	61608
138.193.118.203	48755
82.152.41.244	20907
17.99.193.14	19056
119.147.180.233	44201
146.45.139.81	3987
255.65.155.28	6285
213.227.228.147	62772
77.254.206.108	64046
142.113.33.164	11460
199.181.142.77	54418
145.214.104.192	1200
41.120.76.237	52211
188.161.151.47	14734
110.125.178.173	50463
17.237.248.46	12008
211.112.250.240	20343
86.99.51.11	5619
88.92.40.236	5237
58.222.6.135	35231
124.127.145.70	27644
78.61.14.104	4372
100.117.196.232	40439
17.138.61.117	60633
21.201.45.86	51782
176.195.78.96	33962
255.74.239.5	5890
18.54.10.184	62192
251.7.58.28	47381

574130828 | 2024-05-22T01:18:28.097065

8000 / tcp

HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 01:18:28 GMT
Content-Length: 9
Content-Type: text/plain; charset=utf-8

1969027212 | 2024-05-27T17:02:45.365031

8081 / tcp

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=600
Content-Length: 7068
Content-Security-Policy: script-src 'self'  'sha256-2HPCfJIJHnY0NrRDPTOdC7AOSJIcQyNxzUuut3TsYRY=' 'sha256-qYEKg5UMg/KbbMBkyPIGsxtkfn/safeLBT08DK3592g=' 'sha256-2erOadwY1DsoNdxVjGlxldMJrFEUzr5sLDdB8lmm9m8=' 'sha256-DgrU+KwEGMFcB8B2ZdQyuxWWvTm7LeGpc+8SkxbSxGA='; worker-src 'self' blob:
Content-Type: text/html; charset=utf-8
Etag: W/"39-c3c79d242b62b5c6c72ab9952522734b11772e0e"
Last-Modified: Wed, 06 Oct 2021 22:42:40 GMT
Permissions-Policy: interest-cohort=()
Date: Mon, 27 May 2024 17:02:45 GMT

<!DOCTYPE html>
<html lang="en">

<head>
  <title>Owncast</title>
  <base target="_blank" />
  <meta charset="UTF-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0" />

  <link rel="apple-touch-icon" sizes="57x57" href="/img/favicon/apple-icon-57x57.png">
  <link rel="apple-touch-icon" sizes="60x60" href="/img/favicon/apple-icon-60x60.png">
  <link rel="apple-touch-icon" sizes="72x72" href="/img/favicon/apple-icon-72x72.png">
  <link rel="apple-touch-icon" sizes="76x76" href="/img/favicon/apple-icon-76x76.png">
  <link rel="apple-touch-icon" sizes="114x114" href="/img/favicon/apple-icon-114x114.png">
  <link rel="apple-touch-icon" sizes="120x120" href="/img/favicon/apple-icon-120x120.png">
  <link rel="apple-touch-icon" sizes="144x144" href="/img/favicon/apple-icon-144x144.png">
  <link rel="apple-touch-icon" sizes="152x152" href="/img/favicon/apple-icon-152x152.png">
  <link rel="apple-touch-icon" sizes="180x180" href="/img/favicon/apple-icon-180x180.png">
  <link rel="icon" type="image/png" sizes="192x192" href="/img/favicon/android-icon-192x192.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/img/favicon/favicon-32x32.png">
  <link rel="icon" type="image/png" sizes="96x96" href="/img/favicon/favicon-96x96.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/img/favicon/favicon-16x16.png">
  <link rel="manifest" href="/manifest.json">

  <meta name="msapplication-TileColor" content="#ffffff">
  <meta name="msapplication-TileImage" content="/img/favicon/ms-icon-144x144.png">
  <meta name="theme-color" content="#ffffff">

  <link href="/js/web_modules/tailwindcss/dist/tailwind.min.css" rel="stylesheet" />

  <link href="/js/web_modules/videojs/video-js.min.css" rel="stylesheet" />
  <link href="/js/web_modules/@videojs/themes/fantasy/index.css" rel="stylesheet" />

  <link href="./styles/video.css" rel="stylesheet" />
  <link href="./styles/chat.css" rel="stylesheet" />
  <link href="./styles/user-content.css" rel="stylesheet" />
  <link href="./styles/app.css" rel="stylesheet" />

  <!-- The following script tags are not required for the app to run,
         however they will make it load a lot faster (fewer round trips) when HTTP/2 is used.

         If you wish to re-generate this list, run the following shell command
         (assuming a linux or unix-ish system):
         find webroot | grep -E '\.js$' | sed -E 's|webroot(.*)|<script type="preload" src="\1"></script>|'
         Don't load/preload app-standalone-chat.js or app-video-only.js.
    -->

  <script type="preload" src="/js/components/platform-logos-list.js"></script>
  <script type="preload" src="/js/components/chat/chat-input.js"></script>
  <script type="preload" src="/js/components/chat/message.js"></script>
  <script type="preload" src="/js/components/chat/content-editable.js"></script>
  <script type="preload" src="/js/components/chat/chat.js"></script>
  <script type="preload" src="/js/components/chat/chat-message-view.js"></script>
  <script type="preload" src="/js/components/chat/username.js"></script>
  <script type="preload" src="/js/components/external-action-modal.js"></script>
  <script type="preload" src="/js/components/player.js"></script>
  <script type="preload" src="/js/components/video-poster.js"></script>
  <script type="preload" src="/js/app.js"></script>
  <script type="preload" src="/js/web_modules/preact.js"></script>
  <script type="preload" src="/js/web_modules/micromodal/dist/micromodal.min.js"></script>
  <script type="preload" src="/js/web_modules/common/core-a6c34bea.js"></script>
  <script type="preload" src="/js/web_modules/common/_commonjsHelpers-37fa8da4.js"></script>
  <script type="preload" src="/js/web_modules/common/core-d14f1e1c.js"></script>
  <script type="preload" src="/js/web_modules/common/core-fed3ccd8.js"></script>
  <script type="preload" src="/js/web_modules/common/core-f87370e0.js"></script>
  <script type="preload" src="/js/web_modules/common/core-d20ff47c.js"></script>
  <script type="preload" src="/js/web_modules/@videojs/http-streaming/dist/videojs-http-streaming.min.js"></script>
  <script type="preload" src="/js/web_modules/markjs/dist/mark.es6.min.js"></script>
  <script type="preload" src="/js/web_modules/@joeattardi/emoji-button.js"></script>
  <script type="preload" src="/js/web_modules/htm.js"></script>
  <script type="preload" src="/js/web_modules/videojs/core.js"></script>
  <script type="preloa

1206048886 | 2024-05-31T20:11:21.190612

8085 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 May 2024 20:11:21 GMT
Content-Type: text/html
Content-Length: 188
Connection: keep-alive
WWW-Authenticate: Basic realm="Login"
Access-Control-Allow-Origin: *

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

-1462863769 | 2024-05-10T17:41:01.604886

8090 / tcp

HTTP/1.1 200 OK
cache-control: no-store
connection: keep-alive
content-length: 1674
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'self';
content-type: text/html
cross-origin-opener-policy: same-origin
date: Fri, 10 May 2024 17:41:01 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

820895907 | 2024-05-29T11:07:07.629403

8181 / tcp

HTTP/1.1 303 See Other
Content-Type: text/html;charset=utf-8
Server: CherryPy/18.9.0
Date: Wed, 29 May 2024 11:07:07 GMT
Location: http://212.7.211.237/auth/logout?redirect_uri=/
Vary: Accept-Encoding
Content-Length: 140

This resource can be found at <a href="http://212.7.211.237/auth/logout?redirect_uri=/">http://212.7.211.237/auth/logout?redirect_uri=/</a>.

467080231 | 2024-05-28T16:41:36.913105

8443 / tcp

HTTP/1.1 302 Found
Location: ./login
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Date: Tue, 28 May 2024 16:41:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5

Found. Redirecting to ./login

711507424 | 2024-05-16T09:56:20.933374

8787 / tcp

HTTP/1.1 200 OK
Content-Length: 7931
Content-Type: text/html
Date: Thu, 16 May 2024 09:56:20 GMT
Server: Kestrel
Cache-Control: no-cache, no-store
Expires: -1
Pragma: no-cache
Vary: Accept-Encoding

-496990914 | 2024-05-27T05:07:05.413145

9000 / tcp

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Length: 19130
Content-Type: text/html; charset=utf-8
Last-Modified: Sun, 21 Apr 2024 23:50:59 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Mon, 27 May 2024 05:07:05 GMT

<!doctype html><html lang="en" ng-app="portainer" ng-strict-di data-edition="CE"><head><meta charset="utf-8"/><title>Portainer</title><meta name="description" content=""/><meta name="author" content="Portainer.io"/><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="expires" content="0"/><meta http-equiv="pragma" content="no-cache"/><base id="base"/><script>if (window.origin == 'file://') {
        // we are loading the app from a local file as in docker extension
        document.getElem

-1988981882 | 2024-05-30T06:36:13.338800

9090 / tcp

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://212.7.211.237/
Content-Length: 73
X-DNS-Prefetch-Control: off
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff

-1503953855 | 2024-05-31T17:53:41.804801

9091 / tcp

HTTP/1.1 401 Unauthorized
Server: Transmission
Access-Control-Allow-Origin: *
WWW-Authenticate: Basic realm="Transmission"
Date: Fri, 31 May 2024 17:53:41 GMT
Content-Length: 26
Content-Type: text/html; charset=ISO-8859-1

<h1>401: Unauthorized</h1>

1524593440 | 2024-05-03T05:50:18.174259

32400 / tcp

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Fri, 03 May 2024 05:50:00 GMT


Plex Media Server:
  Version: 1.40.2.8395-c67dce28e
  Machine Identifier: 6b878539c2595de0efdddc2383a515ec043215de

212.7.211.237

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-367012876 | 2024-05-28T16:49:35.941531
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

359696613 | 2024-05-15T06:26:54.757522
80 / tcp

OpenResty

-1671507459 | 2024-05-16T01:39:31.816489
81 / tcp

OpenResty

-1622083909 | 2024-05-27T21:30:14.358402
91 / tcp

nginx1.22.1

1326801314 | 2024-05-30T06:36:18.021103
443 / tcp

1549277766 | 2024-05-30T09:30:24.621968
1935 / tcp

1847255513 | 2024-05-25T04:04:00.844954
3000 / tcp

-405518129 | 2024-05-21T13:19:30.418433
3306 / tcp

MariaDB10.11.2-MariaDB-1:10.11.2+maria~ubu2204

-1246004407 | 2024-05-20T05:33:39.496977
4000 / tcp

682999421 | 2024-05-03T12:15:06.345084
6881 / udp

574130828 | 2024-05-22T01:18:28.097065
8000 / tcp

1969027212 | 2024-05-27T17:02:45.365031
8081 / tcp

1206048886 | 2024-05-31T20:11:21.190612
8085 / tcp

nginx1.18.0

-1462863769 | 2024-05-10T17:41:01.604886
8090 / tcp

820895907 | 2024-05-29T11:07:07.629403
8181 / tcp

CherryPy httpd18.9.0

467080231 | 2024-05-28T16:41:36.913105
8443 / tcp

711507424 | 2024-05-16T09:56:20.933374
8787 / tcp

-496990914 | 2024-05-27T05:07:05.413145
9000 / tcp

Portainer2.19.5

-1988981882 | 2024-05-30T06:36:13.338800
9090 / tcp

-1503953855 | 2024-05-31T17:53:41.804801
9091 / tcp

1524593440 | 2024-05-03T05:50:18.174259
32400 / tcp

Plex Media Server1.40.2.8395-c67dce28e

Products

Pricing

Contact Us

212.7.211.237

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-367012876 | 2024-05-28T16:49:35.941531 22 / tcp

359696613 | 2024-05-15T06:26:54.757522 80 / tcp

-1671507459 | 2024-05-16T01:39:31.816489 81 / tcp

-1622083909 | 2024-05-27T21:30:14.358402 91 / tcp

1326801314 | 2024-05-30T06:36:18.021103 443 / tcp

1549277766 | 2024-05-30T09:30:24.621968 1935 / tcp

1847255513 | 2024-05-25T04:04:00.844954 3000 / tcp

-405518129 | 2024-05-21T13:19:30.418433 3306 / tcp

-1246004407 | 2024-05-20T05:33:39.496977 4000 / tcp

682999421 | 2024-05-03T12:15:06.345084 6881 / udp

574130828 | 2024-05-22T01:18:28.097065 8000 / tcp

1969027212 | 2024-05-27T17:02:45.365031 8081 / tcp

1206048886 | 2024-05-31T20:11:21.190612 8085 / tcp

-1462863769 | 2024-05-10T17:41:01.604886 8090 / tcp

820895907 | 2024-05-29T11:07:07.629403 8181 / tcp

467080231 | 2024-05-28T16:41:36.913105 8443 / tcp

711507424 | 2024-05-16T09:56:20.933374 8787 / tcp

-496990914 | 2024-05-27T05:07:05.413145 9000 / tcp

-1988981882 | 2024-05-30T06:36:13.338800 9090 / tcp

-1503953855 | 2024-05-31T17:53:41.804801 9091 / tcp

1524593440 | 2024-05-03T05:50:18.174259 32400 / tcp

Products

Pricing

Contact Us

-367012876 | 2024-05-28T16:49:35.941531
22 / tcp

359696613 | 2024-05-15T06:26:54.757522
80 / tcp

-1671507459 | 2024-05-16T01:39:31.816489
81 / tcp

-1622083909 | 2024-05-27T21:30:14.358402
91 / tcp

1326801314 | 2024-05-30T06:36:18.021103
443 / tcp

1549277766 | 2024-05-30T09:30:24.621968
1935 / tcp

1847255513 | 2024-05-25T04:04:00.844954
3000 / tcp

-405518129 | 2024-05-21T13:19:30.418433
3306 / tcp

-1246004407 | 2024-05-20T05:33:39.496977
4000 / tcp

682999421 | 2024-05-03T12:15:06.345084
6881 / udp

574130828 | 2024-05-22T01:18:28.097065
8000 / tcp

1969027212 | 2024-05-27T17:02:45.365031
8081 / tcp

1206048886 | 2024-05-31T20:11:21.190612
8085 / tcp

-1462863769 | 2024-05-10T17:41:01.604886
8090 / tcp

820895907 | 2024-05-29T11:07:07.629403
8181 / tcp

467080231 | 2024-05-28T16:41:36.913105
8443 / tcp

711507424 | 2024-05-16T09:56:20.933374
8787 / tcp

-496990914 | 2024-05-27T05:07:05.413145
9000 / tcp

-1988981882 | 2024-05-30T06:36:13.338800
9090 / tcp

-1503953855 | 2024-05-31T17:53:41.804801
9091 / tcp

1524593440 | 2024-05-03T05:50:18.174259
32400 / tcp