GeneralInformation

Hostnames	vmi1394208.contaboserver.net password.strbacki.com
Domains	contaboserver.net strbacki.com
Country	Germany
City	Frankfurt am Main
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 1883 6000 6001

1331282276 | 2024-05-03T23:09:18.341636

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.8
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDTYtTE4L0S8oR2N+tVny843Caji8mxjPIdFTXkp3gaXC7d
2wh/a+bMLvc6VSI3dchPfjUiw+RtyHsg1CkFicci0nFUkWSbd92fsBN+TM6KKLdI4yYIzk9Kgbmb
8KM2mEXeRLbGYW30zVndfF6YcuJoUx/yncm/XW+YLnjQsqBm4XxoeL0pLBUebllL8PtLahTo0f+l
CD5FU+q2vtsnLh1IInt0yLKIwBt5mxrv1mbMAh5Tuf7qepsA8lB/+axMjeb317ZEXJX5zMTCN6mr
1cW98Msuhn1c4TWktU4pdqpI8V+2psMgjCF4MIQrhAKdxMP2GzY8QkUOeXIP2NUzXP4WlKzzDJj9
Li1lj97S2OumvjWIvEeKN5RAvQtcPid2mpNLXe4gHM5emWf2j6dqZnxkgMjBXZJSUj3HEhvpwczS
JIWcXPqO7n+3wdKVuU08ypfZr0tULArVhNP4RKNeXbMSKxQylq/ZhxnGtVEIA6yGAPWSJPu98rzQ
eXJDbxuOSp1uO0jBOl+dS/5dMBMsC/M9ZH5gvnzeZ8OIoVGLFcfXuwUgo9pdY6n+vzx++Qdo56ye
AftQCULZpLI7QXxC8bfqU0X9Mj4hoFWUdirCT4wpGP4hzgddFs9Rdv7WyDeJxAR15bJ8liUt/uKu
6hyxNroEe9qNfmIQH1RRln4kBFMM2Q==
Fingerprint: 51:f1:f5:ab:75:54:14:28:06:8a:85:6f:1c:29:8b:8a

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-04-28T08:31:05.918996

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 08:31:05 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

1389475053 | 2024-04-20T09:10:26.353787

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 20 Apr 2024 09:10:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1240
Connection: keep-alive
cache-control: public, max-age=600
expires: Sat, 20 Apr 2024 09:20:26 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy: same-origin
x-xss-protection: 0
content-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; object-src 'self' blob:; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-ancestors 'self' chrome-extension://nngceckbapebfimnlniiiahkandclblb chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh moz-extension://* ; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com ; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory https://app.simplelogin.io/api/ https://app.anonaddy.com/api/ https://api.fastmail.com/ https://api.forwardemail.net ;

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2b:7d:42:d8:b2:68:5c:f6:6c:64:14:2a:15:cb:07:18:aa
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 17 17:08:33 2024 GMT
            Not After : Jul 16 17:08:32 2024 GMT
        Subject: CN=password.strbacki.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:71:6e:f9:99:d3:05:bc:fc:32:5f:36:1a:4e:
                    6e:ea:a5:e7:ac:d7:ab:21:cc:8a:8e:af:7e:75:29:
                    da:d8:50:d3:94:09:81:53:90:39:47:cc:24:96:12:
                    96:b7:9a:da:7f:57:c4:ab:53:75:dd:bc:06:79:c5:
                    61:12:9f:34:09:32:c6:b1:09:b1:79:71:55:96:fa:
                    28:be:9d:df:f1:a0:31:ef:53:4b:bb:12:97:ec:c7:
                    8b:e8:43:61:20:ec:03:b7:9b:3d:bd:32:e5:3e:52:
                    f7:1b:4c:75:bb:3d:c2:7b:55:22:31:d8:f8:9c:82:
                    29:0d:3b:80:f8:85:17:fe:ab:38:8f:b8:00:8b:71:
                    d6:2e:93:ab:1c:2e:cc:a8:d3:c0:8b:19:b7:07:8b:
                    ec:9e:d0:a6:ff:aa:97:2c:39:06:e1:c9:52:6f:76:
                    05:c3:99:96:8a:78:17:82:8b:a7:c4:bb:f6:c4:ac:
                    1a:c4:09:48:50:45:53:f8:e3:d9:77:5d:6e:be:e3:
                    05:a3:e4:31:97:f9:4e:c8:ca:6b:22:c8:99:73:41:
                    f6:67:0c:78:cc:b9:a2:54:3e:8c:b7:f5:79:ab:1d:
                    98:66:f1:61:96:34:d1:96:e6:95:0d:ca:8e:16:35:
                    e7:13:36:9f:6c:5c:47:11:9e:88:37:5b:43:37:7e:
                    bc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6C:55:07:6C:CA:D7:CA:BF:79:C5:89:F6:94:7B:B5:EF:50:87:7E:F8
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:password.strbacki.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Apr 17 18:08:33.719 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F0:42:1A:37:1B:BA:EA:62:11:F2:18:
                                3B:EB:16:D1:D7:14:C0:5F:3A:4A:51:8D:A1:1F:F8:73:
                                06:59:16:A2:C0:02:20:65:C9:00:63:84:4D:33:B5:C7:
                                EA:F1:D9:3B:FE:AD:5B:C0:72:05:16:37:08:22:0A:13:
                                FC:E2:12:A6:16:14:DB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 17 18:08:33.671 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:38:2D:29:2E:44:53:47:B3:05:FC:DE:77:
                                D7:42:DB:B0:49:98:E7:3B:1A:0D:4F:BB:E6:99:B3:FD:
                                02:60:FF:98:02:20:43:0B:8D:E9:CE:51:2A:46:FB:9E:
                                80:28:FD:EE:CE:FE:AF:F3:D5:A6:B3:E1:BC:66:FE:8E:
                                37:33:A4:74:9A:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        76:9e:d3:4a:c7:b9:0c:13:92:cc:c2:86:28:1a:93:ba:db:31:
        5c:54:63:cc:7d:32:25:ca:62:65:5f:c2:00:11:f6:40:01:f0:
        8e:76:19:3c:fc:73:07:ad:27:55:c9:44:46:f1:5b:bc:6f:81:
        59:d6:ca:2c:0d:f4:1e:98:e1:63:c0:53:78:3a:0c:bd:61:b4:
        34:4d:45:77:78:24:7f:eb:10:5c:21:94:12:3f:32:11:2c:20:
        0a:26:c2:f7:01:60:ab:2c:ea:89:43:91:58:d7:d1:36:6e:db:
        0f:e1:01:1b:77:a2:3d:29:20:e5:00:4c:e1:fe:56:53:46:d1:
        ea:82:01:0e:e9:91:4a:55:88:d5:e5:ac:7f:65:80:67:6c:7c:
        df:8b:3b:7e:72:19:52:84:3f:b7:30:0b:d5:54:da:15:ff:87:
        ba:4a:54:48:9e:ce:cc:a6:0a:b5:83:4f:fb:0f:1d:ed:df:ef:
        24:90:42:72:62:ef:0a:a3:bd:12:92:c9:19:e8:cd:ae:4a:58:
        a9:2a:c0:1b:02:b9:9d:04:3a:6b:88:9f:dc:0a:da:cd:0b:9b:
        6f:eb:a3:7e:cf:d0:53:7f:b1:44:14:fd:34:05:2a:c1:64:93:
        41:fa:b6:25:2c:1d:30:87:5c:ff:47:73:23:46:4b:b4:97:ba:
        5d:a1:df:5e

-1278912815 | 2024-05-02T13:43:01.421038

1883 / tcp

MQTT Connection Code: 5

Topics:

1034930893 | 2024-04-23T13:31:20.272569

6000 / tcp

HTTP/1.1 400 Bad Request
content-length: 0
date: Tue, 23 Apr 2024 13:31:20 GMT

62.171.148.74

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1331282276 | 2024-05-03T23:09:18.341636
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.8

677579724 | 2024-04-28T08:31:05.918996
80 / tcp

nginx1.18.0

1389475053 | 2024-04-20T09:10:26.353787
443 / tcp

nginx1.18.0

-1278912815 | 2024-05-02T13:43:01.421038
1883 / tcp

MQTT

1034930893 | 2024-04-23T13:31:20.272569
6000 / tcp

Products

Pricing

Contact Us

62.171.148.74

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1331282276 | 2024-05-03T23:09:18.341636 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.8

677579724 | 2024-04-28T08:31:05.918996 80 / tcp

nginx1.18.0

1389475053 | 2024-04-20T09:10:26.353787 443 / tcp

nginx1.18.0

-1278912815 | 2024-05-02T13:43:01.421038 1883 / tcp

MQTT

1034930893 | 2024-04-23T13:31:20.272569 6000 / tcp

Products

Pricing

Contact Us

1331282276 | 2024-05-03T23:09:18.341636
22 / tcp

677579724 | 2024-04-28T08:31:05.918996
80 / tcp

1389475053 | 2024-04-20T09:10:26.353787
443 / tcp

-1278912815 | 2024-05-02T13:43:01.421038
1883 / tcp

1034930893 | 2024-04-23T13:31:20.272569
6000 / tcp