Hostnames |
alpenbergerfliesen.de www.alpenbergerfliesen.de |
Domains | alpenbergerfliesen.de |
Country | Germany |
City | Dresden |
Organization | 1&1 IONOS SE |
ISP | IONOS SE |
ASN | AS8560 |
Operating System | Ubuntu |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
388316032 | 2024-05-08T18:40:40.67705422 / tcp
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDZIJyMtRTx4VroD7pGiwAeQcaw2eANUVhg47YxLIYuljnh Bd/1aldguVX+YM2KN83dgZpgF/CYk+RxleoeqofOavpXbtk9PVWspDByp4YjW3I14CWNl4PQXM/X SP9Kpy5TQeUigeKPb/+ECqji6HKf1nWPFgPMcRK394ndRHJNskoNpndobB3SQhjvl+o84XN6wgYq aYOVsoS2JPvmA9qAIRvKoTfqzFN2f8ii+8WRvE40T7kMl6oqUiLqc1pNuzjpcFaPZFq3NfLkW5ct x/mr4BHZ5gFuhayVtFJGjxUJJ4Ws1U/+/Y9RW3hJP4slPE/HVcY4WxewCNIFj8tPRPVhsPBqTsIh 4Np4umsK0oZBO4i3UA+FVXRiB+gKUauGXaT/Eh5/AsuXLQ+/wcCNo92iVm7wHEQZq1RKk+IDmBm1 5bTUotgG7Od2AHrIgomM8mlZ+YJ9RFFmjB0VX7b4yCWdOCsc5WWTmgAqTEsZrYwc/u+q8RvNy7YN MpgL03qsP6c= Fingerprint: 00:dc:d5:eb:9f:6a:4a:b1:1c:1b:d4:f2:f3:96:9b:e3 Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
1651973090 | 2024-05-05T18:29:53.19865280 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 05 May 2024 18:29:53 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Sat, 08 Jan 2022 18:51:58 GMT Connection: keep-alive ETag: "61d9dd4e-264" Accept-Ranges: bytes
-526809214 | 2024-04-28T16:30:21.848055443 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 28 Apr 2024 16:30:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Set-Cookie: PHPSESSID=g25sfdbf2lo3tj5to68te6boom; expires=Sun, 28-Apr-2024 17:30:20 GMT; Max-Age=3600; path=/; domain=alpenbergerfliesen.de; secure; HttpOnly; SameSite=Lax Pragma: no-cache Cache-Control: max-age=0, must-revalidate, no-cache, no-store Expires: Fri, 28 Apr 2023 16:30:20 GMT X-Magento-Cache-Control: max-age=0, must-revalidate, no-cache, no-store X-Magento-Cache-Debug: MISS X-Magento-Tags: FPC Content-Security-Policy: font-src *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.sandbox.paypal.com *.youtube.com *.paypal.com *.googleadservices.com *.google-analytics.com *.google.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.placeholder.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com *.twitter.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.googleapis.com *.placeholder.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.twitter.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.googleapis.com *.placeholder.com cdn.lightwidget.com lightwidget.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io https://www.magezon.com *.google.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cdninstagram.com *.youtube.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.googleapis.com *.placeholder.com cdn.lightwidget.com lightwidget.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.avada.io *.google.com *.gstatic.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.youtube.com *.instagram.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.googleapis.com *.placeholder.com cdn.lightwidget.com lightwidget.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com *.google.com unsafe-inline *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.youtube.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.placeholder.com cdn.lightwidget.com lightwidget.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cloudflare.com *.twitter.com *.twimg.com *.google.com *.youtube.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.googleapis.com *.placeholder.com cdn.lightwidget.com lightwidget.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN
Certificate: Data: Version: 3 (0x2) Serial Number: 0a:68:ea:91:30:9f:94:79:f9:45:67:e0:a4:58:2c:ba Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1 Validity Not Before: Mar 30 00:00:00 2023 GMT Not After : Mar 1 23:59:59 2024 GMT Subject: CN=www.alpenbergerfliesen.de Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:be:aa:35:30:c1:43:32:35:b2:2f:b2:be:64:87: 2f:6c:81:59:82:47:ce:e5:b2:9a:92:40:14:1f:70: 1d:c1:d8:04:9a:f7:cf:f0:0a:b4:3b:9d:7e:b1:15: b6:28:c6:30:cb:7d:4d:83:4f:f4:03:46:e3:eb:08: 95:6b:9c:02:ae:0b:62:76:e1:ed:09:08:b4:8c:8f: ff:81:3a:13:0f:6c:f8:82:b4:a8:97:f1:ab:2e:6f: 42:28:10:e1:69:88:96:b2:9e:67:3b:73:24:a7:6e: dc:52:89:0d:93:0e:69:6e:70:2a:53:b9:3a:4e:1e: 2c:14:01:f7:b4:aa:db:6b:d7:f7:8d:93:f1:f4:e4: 32:0c:63:6e:dd:28:49:a1:aa:c3:aa:58:19:81:76: 06:30:3b:1a:a2:7b:d7:27:39:1a:29:3d:8b:61:07: 1b:37:aa:f4:79:a3:70:78:34:0b:ad:3c:3a:c9:88: b3:52:94:32:65:28:4f:d0:22:fb:04:f1:39:49:21: cc:35:fc:da:ec:01:90:1f:2f:f9:bc:df:2f:58:7c: 20:12:52:0f:ad:a7:89:44:2f:87:c8:4f:e8:e2:7d: 11:20:4b:2f:33:53:40:be:4c:12:5e:cd:dc:2b:c1: 42:2f:c7:ed:81:fe:5a:11:d1:22:c9:52:5c:a2:35: 59:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 94:4F:D4:5D:8B:E4:A4:E2:A6:80:FE:FD:D8:F9:00:EF:A3:BE:02:57 X509v3 Subject Key Identifier: 69:D6:28:F6:2E:F7:74:E4:41:69:E0:35:69:E9:C9:B6:58:E1:44:71 X509v3 Subject Alternative Name: DNS:www.alpenbergerfliesen.de, DNS:alpenbergerfliesen.de X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CPS: http://www.digicert.com/CPS Authority Information Access: OCSP - URI:http://status.geotrust.com CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt X509v3 Basic Constraints: CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Mar 30 11:19:32.910 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:4F:29:B0:67:ED:B0:88:C3:50:60:74:BD: 12:C5:FB:2D:51:1F:39:DC:50:7F:36:08:62:8E:10:DC: 88:6A:45:96:02:21:00:81:D7:FD:EE:AA:76:78:C6:C6: 59:4D:DA:99:29:B8:E1:BB:F1:26:8A:54:AE:AD:5E:FC: D7:DB:84:01:67:F9:B4 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 73:D9:9E:89:1B:4C:96:78:A0:20:7D:47:9D:E6:B2:C6: 1C:D0:51:5E:71:19:2A:8C:6B:80:10:7A:C1:77:72:B5 Timestamp : Mar 30 11:19:32.913 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:66:CF:09:E2:69:B9:F6:6E:1D:7C:61:1B: A5:4D:94:BA:1D:43:09:31:49:57:EB:2B:26:C2:38:19: D9:3D:78:66:02:21:00:D5:FB:E5:E1:95:57:57:D9:26: E7:C5:0F:89:1F:D3:A2:87:1F:09:16:71:1F:5E:9D:E6: 18:3F:08:96:53:06:4F Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Mar 30 11:19:32.867 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:16:66:74:75:32:BE:17:70:70:B2:78:B3: 05:A4:48:9F:87:30:74:00:EA:8D:9F:B3:B2:5D:B5:BE: D4:60:D1:58:02:21:00:FB:B8:DE:EE:9B:CD:48:FC:53: 96:FC:96:FA:03:41:97:97:6A:C0:94:4E:D7:37:1F:1E: C6:84:51:8D:EB:B5:22 Signature Algorithm: sha256WithRSAEncryption Signature Value: 08:c1:35:f7:98:dd:b3:08:bb:d3:ca:a3:f1:6c:94:0c:61:5d: f0:4b:64:6c:08:62:3f:06:c3:31:9b:c8:cc:e5:47:23:c6:ef: 09:0b:17:dc:45:4c:1b:03:15:9c:88:2d:83:72:bd:a3:d0:c8: d9:43:71:18:f8:f8:8c:6c:f7:cf:cf:04:3c:79:4a:36:1e:1d: 9d:98:ea:c6:3f:4e:55:8e:72:3d:04:d5:1a:95:0d:89:69:79: 3f:97:55:4c:de:b9:26:59:96:d5:51:6f:01:ee:89:79:9f:ab: 36:8d:4a:76:e6:bd:ad:e6:8f:7f:79:d1:ce:a0:0b:52:56:ca: 51:52:85:8a:59:c7:50:91:f2:bf:b8:5b:e8:e0:57:97:d5:5f: 9e:c1:98:08:08:aa:8b:b2:2e:23:4e:2c:4a:54:5d:a9:47:9c: f1:87:02:fd:25:0d:c6:9c:10:6a:c0:38:b7:29:5d:43:8a:6d: 92:85:6e:38:75:b1:a2:b2:d6:6c:b4:6f:03:04:ec:e6:43:74: 7a:aa:27:25:74:57:8e:2c:73:0b:97:00:77:77:bf:99:76:f7: d0:d4:15:dd:6d:6b:87:9e:17:15:3d:f0:7c:29:c2:88:b6:ec: 14:d1:1a:17:79:b6:3e:60:c0:fd:02:ca:a0:b5:ee:75:a2:c4: 67:8f:f5:30