GeneralInformation

Hostnames	fahrradgarage.online www.fahrradgarage.online erp.faststage.de garden-cube.eu www.garden-cube.eu
Domains	fahrradgarage.online faststage.de garden-cube.eu
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Debian

WebTechnologies

CMS

Odoo

Databases

PostgreSQL

Miscellaneous

Less

Programming languages

Python

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 25 80 443 8069

-284224091 | 2024-05-07T17:52:14.811658

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCpiWciKo5eGl4uhDDnDa21U5thyXO3pn6pbY6n4qEysLhM
RUCxpchm6MeeRnKUPYbtOqKW8LM3Ke4V8lWf8SrEInRNTkFYbUUqF9IyS3ZVTjq5706fByU7BVNT
PXH5p+eG4sDMVsqa3Lq6kpTA2AlspXB5DiYApKwX9R7oKTPWSKxzzQDr2BnPanM0Brq81cAjqIiH
zoWxWyHB7WIVhg7ebRbGOYORtMHDbrl6vLpWruU6NZHx880FDrG0OEQi0eDQFHhy6/kLC4waBzgh
SJRvEA0w1tgEVD5UiEjA9I6g6nHQGLlPU2GzN+kZ5qB3qZ9zARe3rLZNcDWkVKDgci1JiPaxy92K
FpA7XX3v955Ws6BkkCF75WyzD8q0LwSIB1YJh2vDblwERUjGx/EaqZchlqUN3lNvN5VlAjDzveHp
40rOd3lJBm2hMc3YIArQxDW+k8YKNwzCV8evkm03Iq0n/YEiVcWNJ4ys0UL+RPxq5ElFQ+F86zrW
c+sP/bw5foc=
Fingerprint: 38:2a:1b:86:0e:da:5a:3a:00:9a:3c:30:06:02:91:6b

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1794828111 | 2024-05-06T06:42:54.274512

25 / tcp

220 fahrradgarage.online ESMTP Postfix (Debian/GNU)
250-fahrradgarage.online
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:ce:17:5e:c9:fb:62:b5:ef:06:8f:7a:86:df:1e:f1:a6:8c:a8:89
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FS-Odoo
        Validity
            Not Before: Jun 25 21:02:36 2023 GMT
            Not After : Jun 22 21:02:36 2033 GMT
        Subject: CN=FS-Odoo
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b6:cf:ce:ad:93:13:39:00:91:12:66:54:03:6f:
                    8f:e9:6c:d4:b2:23:ac:fb:a9:15:82:27:4c:9a:10:
                    de:ca:f2:6d:d7:42:4f:8d:4c:7d:f1:b2:a6:01:3f:
                    11:99:34:d7:b7:db:ae:e9:15:92:73:00:28:36:04:
                    0e:fd:4f:5f:3b:9b:09:5b:99:5f:11:0f:7b:3b:d3:
                    91:23:48:40:88:e2:01:8c:d8:da:9d:50:95:ea:4d:
                    73:50:80:ed:58:e1:63:3e:06:9a:9e:8f:69:a6:4e:
                    a1:67:1c:97:bb:19:3f:a6:f7:ca:fb:66:fc:85:2d:
                    12:84:3c:39:2b:de:de:8c:75:71:6b:6f:3f:e4:84:
                    bd:99:b2:22:a2:c1:83:05:e5:2f:bb:a9:01:31:26:
                    b6:91:2b:be:66:b9:22:96:9f:2c:ce:5d:fa:00:4d:
                    50:db:8d:6d:16:6b:d2:ae:10:5c:ac:82:9f:00:bd:
                    65:28:14:5f:44:00:29:c9:da:fa:14:08:42:c5:cf:
                    41:b7:76:4b:cb:52:d3:37:c3:93:b0:03:25:be:b3:
                    18:20:30:f0:18:2c:0a:23:97:37:40:87:a0:93:72:
                    cf:7b:e5:8f:6a:b9:f6:97:62:9d:0c:20:d4:6b:4b:
                    55:c6:c4:31:77:b8:21:cb:dc:7c:a6:78:8f:62:03:
                    d5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:FS-Odoo
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        73:f4:11:1b:f1:e5:9f:5e:bb:c6:5c:28:1b:9f:0f:23:14:9d:
        29:d9:8c:87:99:11:5f:cc:ab:af:19:95:59:84:bc:60:67:6d:
        21:e7:67:35:df:df:12:19:15:fa:e9:ca:b9:38:50:cd:dd:96:
        1b:4a:06:d6:97:0b:87:d4:96:4b:5d:33:4d:92:19:15:b7:86:
        77:db:ed:11:5d:f5:ad:be:c2:ff:5d:a5:85:93:70:66:4c:16:
        74:44:1d:fe:fb:aa:fa:b2:7a:55:38:ca:91:91:ba:ee:1c:f5:
        cb:af:b7:d6:d2:c2:82:ea:b6:b4:51:0c:21:83:5d:b1:ce:bf:
        d1:24:3c:92:d3:4f:49:91:b0:57:35:96:bf:b1:1e:60:10:ec:
        c9:b9:04:b8:ba:bc:cc:d4:bc:8a:78:02:08:60:df:99:db:7f:
        2d:68:1f:18:46:b6:9a:fe:b8:c6:a8:09:d1:27:dd:18:74:02:
        d6:2a:4f:8d:c0:85:2c:06:1f:12:7d:73:7e:23:e9:d4:34:f7:
        d9:aa:f0:76:b8:4c:24:d4:47:98:fb:8e:d0:2f:cf:7b:e1:b0:
        b0:b4:06:4c:24:9a:73:b5:2f:54:1c:09:65:2c:e0:13:28:2d:
        d5:ab:a5:4c:56:db:c9:38:3d:a0:91:de:a6:e8:92:fc:d3:81:
        dd:5e:4a:86

950229086 | 2024-04-30T04:08:26.267421

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 30 Apr 2024 04:08:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: frontend_lang=de_DE; Expires=Wed, 30-Apr-2025 04:08:26 GMT; Max-Age=31536000; Path=/
Set-Cookie: session_id=322d00615d3f7cfb70e854d694f9ebfddb26aa47; Expires=Tue, 07-May-2024 04:08:26 GMT; Max-Age=604800; HttpOnly; Path=/

1056713487 | 2024-04-20T22:16:01.486330

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 20 Apr 2024 22:16:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: frontend_lang=de_DE; Expires=Sun, 20-Apr-2025 22:16:01 GMT; Max-Age=31536000; Path=/
Set-Cookie: session_id=d70221be645bf60143910ddc99a01d234c32b2a2; Expires=Sat, 27-Apr-2024 22:16:01 GMT; Max-Age=604800; HttpOnly; Path=/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:f4:e9:bd:fb:47:b6:0d:68:f9:bc:00:7f:ea:d9:b8:33:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 21 07:10:18 2024 GMT
            Not After : May 21 07:10:17 2024 GMT
        Subject: CN=erp.faststage.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a4:e8:43:69:f1:27:2e:2f:aa:cd:8e:9c:6d:ea:
                    a4:e5:a3:d9:66:4f:71:9c:da:72:70:3a:ba:a2:2f:
                    cc:b0:cd:b9:17:fd:00:a4:ac:de:fb:86:e8:05:ed:
                    fd:e0:69:b0:3a:53:48:f3:e4:97:a8:31:a8:42:17:
                    6c:8c:81:ca:8e:6c:8f:52:37:da:d7:eb:04:9d:b3:
                    21:99:57:8b:1b:72:07:89:5f:d1:de:9d:8b:21:93:
                    f8:14:ed:49:02:ed:80:31:7e:c4:c3:d7:99:09:3d:
                    27:42:bf:df:d9:e8:df:a3:98:f9:15:ad:5f:ee:38:
                    8b:98:83:c7:df:f7:4d:fd:4c:a5:e1:cb:23:16:2a:
                    4b:63:5c:14:f9:7c:21:08:05:3f:2e:13:0f:f8:dd:
                    27:bb:8e:9d:50:62:74:3e:33:4a:2e:d0:cb:0a:fd:
                    6c:dc:b8:ca:c7:d1:88:a1:42:67:f6:7a:47:b6:da:
                    94:4d:87:e8:69:b9:f8:9a:ea:30:8a:ab:ce:07:a4:
                    96:fc:a3:c1:24:6c:55:59:0d:a0:67:0f:58:48:31:
                    25:7e:6e:16:e6:f4:1d:5a:3d:b7:a8:f6:4a:c3:da:
                    2c:b8:58:e1:f9:63:1b:a6:a0:f3:0c:ed:2a:2d:5f:
                    d3:c7:eb:bd:a0:ef:2b:4c:5e:f1:da:f6:27:bb:da:
                    a1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                89:FC:C5:42:1A:84:B4:F1:1A:B8:2C:48:2A:6A:D4:4F:62:D8:2F:D6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:erp.faststage.de, DNS:fahrradgarage.online, DNS:garden-cube.eu, DNS:www.fahrradgarage.online, DNS:www.garden-cube.eu
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 21 08:10:18.642 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:87:53:5E:EE:A6:A1:DB:07:FA:C6:
                                25:C8:86:0D:A2:2E:07:DA:E2:78:B3:A7:ED:88:3C:4B:
                                A1:83:84:07:35:02:21:00:B8:B4:5E:69:9B:A9:F4:23:
                                5E:0E:4A:E2:9E:90:17:6F:6A:7F:76:7F:6B:CE:13:69:
                                A0:8A:31:79:43:BE:C7:E6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 21 08:10:19.042 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4A:D9:90:F6:73:DD:7B:DC:88:22:37:74:
                                80:92:A5:5F:11:B8:5F:B9:2C:03:73:F6:35:1B:C9:25:
                                89:BA:D5:61:02:20:0E:B9:CD:FF:CE:6C:CB:DE:06:0F:
                                D2:AA:95:C2:2D:54:94:DF:1B:6B:6D:96:EB:03:1D:4A:
                                8D:C8:74:AF:EC:59
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7c:94:64:5e:06:34:6e:6a:80:30:46:ae:8d:1c:20:3d:5f:de:
        d7:26:8a:48:10:c0:36:1e:f2:51:2e:67:70:84:f7:d9:f6:06:
        e8:91:50:47:a9:03:b8:5e:a1:81:6e:b7:08:c9:26:d2:26:4a:
        3d:d3:be:db:79:90:cb:34:5d:7f:88:ab:fc:95:0d:23:14:f3:
        1f:ae:9b:46:f7:f8:84:e9:5e:4b:63:36:ae:54:cd:84:90:b2:
        f8:4e:1b:a1:c9:a1:0b:b3:df:47:ce:4d:c4:83:da:22:e4:ac:
        8e:2f:92:62:3e:37:f7:45:81:69:1a:e2:8b:8b:43:76:ca:25:
        e4:d5:36:5d:f1:e9:d3:f9:70:2c:6d:e1:66:7b:21:d8:35:d5:
        e7:be:50:71:05:50:96:55:c9:1b:8e:70:4b:6f:8d:13:97:60:
        5b:f2:b5:1d:7c:d9:00:31:92:81:68:0e:3d:ab:36:d3:b9:8e:
        11:0c:68:ea:a3:e9:f1:28:bf:f9:f9:86:5d:7c:24:82:e8:70:
        9e:cc:2c:98:26:80:7d:af:10:d2:5b:5b:98:83:13:37:48:83:
        04:74:41:ce:7f:85:c8:ea:b8:f4:b2:36:db:8b:61:57:09:93:
        04:43:f0:7d:d6:d1:72:a9:53:12:81:c8:9b:44:f4:b3:ee:c9:
        79:7f:bc:83

167330483 | 2024-05-07T01:45:29.383701

8069 / tcp

HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Set-Cookie: frontend_lang=de_DE; Expires=Wed, 07-May-2025 01:45:29 GMT; Max-Age=31536000; Path=/
Set-Cookie: session_id=e09c40c9556162afc15f3914b66009e04e4ca430; Expires=Tue, 14-May-2024 01:45:29 GMT; Max-Age=604800; HttpOnly; Path=/
Connection: close
Server: Werkzeug/1.0.1 Python/3.9.2
Date: Tue, 07 May 2024 01:45:29 GMT

88.99.193.171

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-284224091 | 2024-05-07T17:52:14.811658
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-1794828111 | 2024-05-06T06:42:54.274512
25 / tcp

Postfix smtpd

950229086 | 2024-04-30T04:08:26.267421
80 / tcp

nginx1.18.0

1056713487 | 2024-04-20T22:16:01.486330
443 / tcp

nginx1.18.0

167330483 | 2024-05-07T01:45:29.383701
8069 / tcp

Products

Pricing

Contact Us

88.99.193.171

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-284224091 | 2024-05-07T17:52:14.811658 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-1794828111 | 2024-05-06T06:42:54.274512 25 / tcp

Postfix smtpd

950229086 | 2024-04-30T04:08:26.267421 80 / tcp

nginx1.18.0

1056713487 | 2024-04-20T22:16:01.486330 443 / tcp

nginx1.18.0

167330483 | 2024-05-07T01:45:29.383701 8069 / tcp

Products

Pricing

Contact Us

-284224091 | 2024-05-07T17:52:14.811658
22 / tcp

-1794828111 | 2024-05-06T06:42:54.274512
25 / tcp

950229086 | 2024-04-30T04:08:26.267421
80 / tcp

1056713487 | 2024-04-20T22:16:01.486330
443 / tcp

167330483 | 2024-05-07T01:45:29.383701
8069 / tcp