| Hostnames |
vmi1333507.contaboserver.net api.voipsimples.com.br app.voipsimples.com.br |
| Domains | contaboserver.net voipsimples.com.br |
| Country | Germany |
| City | Nürnberg |
| Organization | Contabo GmbH |
| ISP | Contabo GmbH |
| ASN | AS51167 |
| Operating System | Ubuntu |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
| CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-323127365 | 2024-05-14T19:55:25.98114822 / tcp
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.7 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDiCBoapm/Y4SSk1XAHkmzpECTo3rsAjUGW1/B5DRowM00X hwQhogp51u4CiGP5UqxccWt39YArkJCAnaH35FK7P4P5bNVbpM6mGCYVg8loWnh2MgQzPFdeur/2 W72EDc1mVic7No0Uzvt0gWc8jI3UVrfWYGSa/82uODE5oJtPnpRhClkSAnqW4CCpECmPvCMJaRCB SysVVomod49+zELnFNCqtOcHLaYDtrLl40uMRu/gmM30dowGoF8JhLmxkALLpjGIn6BFbzaxALZA eUN1jfc26Dr73Vewx7Vpp4gikTPf3nA7FzEMjiFLgJVcRHltb6ugceup+8N2J5bfSUQgyFBPJiyd XM99+qPBypnvyDCB5JxzROeGcWKaNiqmqeJ2CgjDg4FtwPwKQoE3LuAB53K5ra4ujVKFzqEv1aFe cGJIsBI2OMkTrKlSurC2s/BB5Vq0SNkoP7y05paLfM1z8TbJZsQ2K8FpaDMKlMqLTO0Ayu6bM6kL DldAa5yE08H2nocW0Yy7aSjaucq7lhNhID13AmvnMs0ifn5NB9JJn5Y3eFee0htHJYQdP3M2v3GE 2ThRJS/I49h38+JyxIOKRX7LUoBznlXsv+L8KRgflXWiae4SHxwuHzDl/Y9sDzH+AcgkLWIkoXYE 2l5TNJgNCdg9cq/l3WJuYcoJGDX9Nw== Fingerprint: b7:44:f1:0d:4c:60:f9:ae:8a:88:de:b4:df:de:c2:6e Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
677579724 | 2024-05-14T21:48:06.19729380 / tcp
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 14 May 2024 21:48:06 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive
780672404 | 2024-05-17T18:57:43.245760443 / tcp
HTTP/1.1 502 Bad Gateway Server: nginx/1.18.0 (Ubuntu) Date: Fri, 17 May 2024 18:57:43 GMT Content-Type: text/html Content-Length: 568 Connection: keep-alive
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c6:c7:7c:e5:9c:b9:fc:21:a2:75:d2:84:85:58:da:16:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R3
Validity
Not Before: Apr 18 18:29:50 2024 GMT
Not After : Jul 17 18:29:49 2024 GMT
Subject: CN=api.voipsimples.com.br
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:db:ce:35:37:d6:bc:cb:0f:cc:a2:0b:dd:c3:bc:
e2:c9:b2:1b:99:c6:31:f3:31:7b:7b:d7:ff:d9:64:
86:fc:7b:5c:ee:2e:80:77:1e:3b:03:8f:f2:c0:50:
66:83:17:eb:f5:e4:30:63:c3:cb:6d:31:08:5f:01:
e2:a9:95:bd:d0
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
34:45:C6:DD:EF:FE:B8:D3:15:3E:40:C5:CC:BD:3B:72:F8:C4:7B:96
X509v3 Authority Key Identifier:
14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:api.voipsimples.com.br, DNS:app.voipsimples.com.br
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Apr 18 19:29:50.968 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:83:A3:80:F5:43:43:C3:8F:DB:73:20:
A0:7E:D9:6E:C5:73:94:8B:E8:75:3A:4E:C5:74:89:F4:
61:63:CB:83:14:02:21:00:B9:6B:A7:9B:AB:CF:B7:17:
AC:EA:C3:E5:81:12:7D:55:21:AC:DB:08:7F:86:F4:8E:
44:EA:32:61:2C:85:8B:43
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
Timestamp : Apr 18 19:29:51.186 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:1B:CC:C9:1A:53:6F:61:61:01:E8:0D:BA:
6B:5B:2C:3B:74:E7:03:C3:FA:01:63:EF:A1:0F:34:E0:
04:4F:B1:DA:02:21:00:E3:2F:53:53:31:32:20:3A:25:
BE:D1:97:4B:6F:14:FF:0C:03:7B:D9:D2:F4:54:83:91:
C0:F4:A2:88:F6:2A:22
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
2a:c3:34:a9:6f:e4:68:73:f8:aa:46:2c:9f:bf:3f:2d:4f:a4:
53:12:dc:c6:3e:be:92:02:ea:2f:c2:35:66:9a:25:e6:37:7e:
21:1f:29:8a:0c:00:64:7e:7a:2d:40:ab:a6:3e:07:0d:ac:5a:
02:8b:df:46:78:10:25:1b:3b:e0:3a:25:52:45:44:68:19:0f:
c3:1b:98:55:22:7d:41:07:7c:11:9b:d7:fb:c8:4b:dd:76:14:
eb:4b:7a:5c:53:06:6b:61:26:4b:52:12:e9:00:4e:18:2f:ab:
65:ff:ef:93:a8:90:c6:68:53:de:f2:bd:fa:3d:bc:db:7e:2b:
75:cf:20:5f:20:4a:28:07:10:aa:1b:93:55:f8:9f:06:64:cd:
64:d0:9f:3f:65:6d:6d:ec:e4:e6:1b:ef:1f:f6:8b:82:a7:17:
de:aa:a0:07:ef:b7:eb:93:26:7e:11:23:cb:5a:c1:e9:87:23:
64:0c:e3:2d:01:b6:c8:26:97:fd:2d:97:45:12:80:01:6e:73:
97:9a:fb:ed:90:66:27:7c:a0:d8:6b:ab:e8:f5:a5:ef:31:6f:
7a:2f:83:d0:83:49:a9:7f:a3:49:6b:36:37:3d:e0:0e:3e:09:
69:82:db:a0:2c:5e:a9:b0:31:9c:0f:28:27:93:e2:0e:10:c1:
63:45:2a:1c
-513682643 | 2024-05-12T17:39:21.5557543001 / tcp
HTTP/1.1 200 OK X-Powered-By: Express Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Mon, 11 Mar 2024 18:51:36 GMT ETag: W/"329-18e2edb205e" Content-Type: text/html; charset=UTF-8 Content-Length: 809 Date: Sun, 12 May 2024 17:39:21 GMT Connection: keep-alive Keep-Alive: timeout=5 <!doctype html><html lang="en"><head><title>Integracao SGM</title><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap"/><link rel="apple-touch-icon" href="/apple-touch-icon.png"/><link rel="icon" href="/favicon.ico"/><link rel="”shortcut" icon” href="”/favicon.ico”"><link rel="manifest" href="/manifest.json"/><meta name="theme-color" content="#000000"/><meta name="viewport" content="minimum-scale=1,initial-scale=1,width=device-width"/><script>crossOriginIsolated||(SharedArrayBuffer=ArrayBuffer)</script><script defer="defer" src="/static/js/main.3d9971ac.js"></script><link href="/static/css/main.45e18960.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
-726790289 | 2024-05-16T05:38:28.0848005432 / tcp
PostgreSQL fe_sendauth: no password supplied
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:d2:a9:15:31:2c:54:c5:90:18:64:ef:fd:9e:4c:1d:2c:fa:c7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=vmi1333507.contaboserver.net
Validity
Not Before: Jun 21 23:44:43 2023 GMT
Not After : Jun 18 23:44:43 2033 GMT
Subject: CN=vmi1333507.contaboserver.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d5:a6:d2:7c:5c:69:f8:26:73:ee:04:33:29:ee:
11:3c:aa:22:d3:12:a9:0f:9f:02:47:16:b8:54:83:
2f:3b:42:b0:4d:27:ab:cd:62:50:ec:b4:3c:1e:9c:
a3:d5:50:62:a4:51:07:02:3c:df:3c:2b:4b:89:58:
29:5c:e5:5e:83:de:eb:18:56:5d:5c:1b:83:da:42:
ae:52:26:ab:84:bb:3e:9d:ed:95:25:85:51:08:fb:
c5:96:59:41:6b:58:eb:f7:17:ba:61:8e:1c:7f:12:
c3:5a:e5:5c:fc:55:02:77:8c:ad:ac:bc:91:fa:ba:
6b:ef:e3:21:2f:f0:d1:18:ef:f4:c1:76:71:6a:f5:
b8:57:2b:8f:64:25:55:7c:bc:7b:07:19:64:03:2a:
11:5c:f7:da:d3:46:c6:9f:a6:ae:a0:37:47:47:2a:
ee:4d:5f:d7:44:b2:93:db:76:28:4c:cf:85:0d:eb:
59:b9:22:94:92:14:d5:0a:13:9b:24:78:f6:93:05:
6d:25:c8:30:34:c3:21:d2:42:61:38:1a:cd:25:c9:
bb:a5:e6:f4:87:70:20:34:71:6b:eb:e9:7b:41:4d:
4c:7c:84:a1:1b:8f:88:28:cd:96:02:1d:91:a8:b2:
44:dd:2b:b8:30:8e:95:86:ef:0a:39:00:ff:91:62:
d4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
DNS:vmi1333507.contaboserver.net
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
43:1b:55:f5:83:a7:c5:a5:81:71:f5:95:58:b7:89:11:3f:e4:
af:fa:e5:bc:9e:83:25:3c:45:a1:bf:a0:8c:51:b0:c2:44:68:
38:5c:66:c2:eb:04:4a:db:80:b2:d2:74:97:cb:ca:02:b8:2d:
0d:f1:db:a1:e8:d0:c5:6c:37:37:fd:e1:8d:6d:c0:98:9c:90:
c1:b5:90:94:5d:ce:89:48:c2:cc:d4:82:84:e0:aa:6d:07:fc:
66:49:a9:96:92:ac:41:38:dc:c6:bc:47:d3:cc:f5:fe:29:b8:
1a:d0:81:9c:11:37:fb:a7:9e:71:0e:a1:52:5d:a5:cf:92:9d:
d7:ec:2c:48:48:d5:81:80:09:9e:1e:ab:6f:12:27:02:cb:8b:
f6:26:23:33:95:16:97:62:c0:fe:d5:54:aa:e3:10:52:16:f5:
ce:ef:9f:cd:2a:b7:8d:d7:08:71:22:72:ed:bc:a3:25:7c:bd:
37:33:55:d3:40:54:f7:7c:70:e7:c7:ef:f1:3e:06:12:3b:6c:
4a:17:44:59:dd:8a:1c:4c:53:79:6c:3f:5e:34:4a:37:89:49:
82:c7:e0:4a:30:a8:85:bf:e2:6b:e2:5c:8e:8f:93:71:b1:a2:
37:0f:31:c7:76:ee:58:d3:10:7e:b6:51:a7:0f:28:c3:07:30:
e5:ac:17:1b
-1060095501 | 2024-05-14T14:34:18.6911698080 / tcp
HTTP/1.1 404 Not Found X-Powered-By: Express Access-Control-Allow-Origin: https://app.voipsimples.com.br Vary: Origin Access-Control-Allow-Credentials: true Content-Security-Policy: default-src 'none' X-Content-Type-Options: nosniff Content-Type: text/html; charset=utf-8 Content-Length: 139 Date: Tue, 14 May 2024 14:34:13 GMT Connection: keep-alive Keep-Alive: timeout=5
-118098025 | 2024-05-08T21:13:30.52247410000 / tcp
HTTP/1.0 200 Document follows Date: Wed, 8 May 2024 21:13:29 GMT Server: MiniServ/2.021 Connection: close Auth-type: auth-required=1 Set-Cookie: redirect=1; path=/; secure; httpOnly Set-Cookie: testing=1; path=/; secure; httpOnly X-Frame-Options: SAMEORIGIN Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self' X-Content-Type-Options: nosniff X-no-links: 1 Content-type: text/html; Charset=UTF-8
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:52:77:22:0a:a6:b0:51:2e:b4:b0:17:d0:72:01:b7:07:6e:a9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=vmi1333507.contaboserver.net, C=US, L=Santa Clara
Validity
Not Before: Jun 22 11:50:41 2023 GMT
Not After : Jun 20 11:50:41 2028 GMT
Subject: CN=vmi1333507.contaboserver.net, C=US, L=Santa Clara
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:af:88:7a:96:d0:ac:fc:9e:0e:2a:04:0f:4e:a3:
34:e9:ad:00:45:f7:0d:6b:4e:6b:90:91:fd:20:44:
79:fe:38:b0:c3:8f:95:90:2c:02:13:a2:90:ac:1b:
26:82:c1:7e:12:ee:79:7c:0e:fc:15:42:5d:fb:83:
26:a3:2a:f4:a7:7b:91:4e:22:2f:f6:e0:d5:4b:61:
0f:97:d3:ce:3a:af:89:52:1f:3c:c8:73:15:a5:a4:
05:6d:20:76:1f:65:e2:8f:f6:3a:48:0e:ea:24:c4:
37:a9:4a:c8:ea:22:31:c1:d2:6d:28:2f:32:c4:e3:
f9:53:d2:66:bb:f4:ac:7e:ea:6c:53:4f:c0:87:5c:
8f:8a:de:a7:39:da:06:d5:b1:fa:92:8b:be:e5:8b:
dc:7a:46:51:4f:39:9b:ee:4f:9f:36:78:a8:f9:da:
b6:ab:24:4c:9f:d8:fc:8f:7a:a1:a0:3c:37:3e:22:
fd:c8:7d:c6:dc:2a:56:64:e7:6b:bc:76:74:a4:06:
7d:1e:ab:f7:b9:44:42:8f:2e:cd:12:93:59:b5:61:
15:3f:6e:e7:5f:88:d7:8b:e9:8d:05:0b:2a:34:4d:
e5:90:12:e5:f7:17:1b:61:ab:90:ef:83:c0:a5:c7:
74:23:4e:d0:2b:ce:8b:06:05:61:ec:03:a6:d0:f4:
6e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:47:3F:58:66:67:2D:86:CF:9A:FD:A4:AA:F0:3A:4C:68:69:A2:5E
X509v3 Authority Key Identifier:
AE:47:3F:58:66:67:2D:86:CF:9A:FD:A4:AA:F0:3A:4C:68:69:A2:5E
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Alternative Name:
DNS:vmi1333507.contaboserver.net, DNS:localhost
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
30:05:c0:a4:d9:3f:39:8e:52:f5:88:ba:c1:33:ba:24:02:4e:
3d:2d:ab:86:67:d9:40:be:fa:bc:c8:a5:77:af:f3:b5:76:e5:
5b:eb:03:c9:ef:64:ee:99:ce:4e:3c:2a:55:f3:3b:f1:3f:a6:
7e:71:62:a7:60:a9:42:57:c5:b1:ee:be:f8:a2:27:b0:d2:6b:
29:4f:2d:df:92:00:3e:8c:00:fe:16:de:f2:d8:d1:f1:27:6d:
14:1c:27:53:05:c5:4c:d5:e5:bd:ab:70:70:d4:fb:af:24:fa:
f5:27:9b:79:de:70:d3:81:94:fb:68:84:e6:cf:1a:6a:e0:09:
14:59:bd:bd:61:d0:7b:2c:cb:b0:22:97:16:63:39:5f:51:25:
43:0b:0a:10:b6:19:52:1f:c7:0c:05:3d:95:f6:2d:7c:6b:11:
24:f7:ea:9e:e7:a2:6c:bd:62:66:7b:bb:ac:54:9d:91:23:99:
d4:24:ae:b1:59:5b:41:0b:f7:1f:a8:c6:fd:e5:ce:6c:7d:31:
f7:b5:6f:05:3f:c1:10:99:6a:30:e9:2f:7e:e0:76:a9:cc:c8:
27:8f:cb:be:53:c6:d3:02:61:1b:57:ab:9d:e4:93:b1:8e:97:
24:e3:7e:15:9b:c1:4f:e3:5d:43:79:bb:3d:94:40:e4:ad:d2:
f4:da:c1:fe