GeneralInformation

Hostnames	vmi1773051.contaboserver.net
Domains	contaboserver.net
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 2000 3389 4000 5357 5985 8333

-1807823325 | 2024-05-28T13:42:24.966364

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDrTwHq4xkhFUlSUwUNFwlcgH3LpRUBUijpzSVpvBHi1wDV
yklEjc9pGB91kMq+TqyeartdePTi2CCSeNR4uaLHMlWz1ybdpmiXpiN/u9gJ+HAD5GWVjpJaO6wq
qC0XLIBjHHJfPKNSNFhAXrWAglq5mqpqA522nPFS/656h/axV8TS+86CKlcVyLu3F6uRt8/ozAB6
yTX8yWVhfTiH+lO93jCyc1BY7QZ7H2BbMtrDZ9U2yIhhkeYVPvPeCGxJGBV6yGnW1PIQniBwgFU4
vbzw676XZOkZqppMq38xGa5cWKmigwoUC/tdPdgtEGJCnv9lD3El2tPq1MRyfb9kDoVmQ0Uak2uM
lmCxbQar6ACkK/ebp9laZginlJ5pxfyVpAyTkSaGn8H68fTBeXn3VNoDB5XZD0se7g8skdloo9yg
xycJDQ9NgtpAPtC9RbA/prXVbk7KSWENZciCfPQetJl1Aun9fJAX64jJomxUdWwviTk6RyRJM3OJ
hWNkdorp6LtOEC7Qja7/ez5dt2tdtxhd+EKIzGCMiO/2Ga9yTbNdz+2mhVx/uMntFR3zuxgsiteM
IsW6pKRY3O4K3vfu9o9B9gdXD8gTiRgblcOxKdvDcfzgFZ7kuCmx9XN2FJcezz5IhIHYg+OFedvc
WcSJEDJ02EogiESclVtEWrTXzpTfpw==
Fingerprint: 36:44:8b:24:83:e0:9e:7c:89:6c:a8:e2:90:f7:55:1d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

474656253 | 2024-05-21T17:00:13.467866

80 / tcp

Umbrel

HTTP/1.1 200 OK
Server: nginx/1.17.8
Date: Tue, 21 May 2024 17:00:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1093
Connection: keep-alive
Content-Disposition: inline; filename="index.html"
Accept-Ranges: bytes
ETag: "8f2da5d2bef342eb8cba36de54ec02b38e0d6b09"
Vary: Accept-Encoding

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

-1246004407 | 2024-05-25T21:56:26.124049

2000 / tcp

HTTP/1.1 400 Bad Request
Connection: close

-540925142 | 2024-06-12T22:03:40.240128

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-GTL1KFJ3TI7
  NetBIOS Domain Name: WIN-GTL1KFJ3TI7
  NetBIOS Computer Name: WIN-GTL1KFJ3TI7
  DNS Domain Name: WIN-GTL1KFJ3TI7
  FQDN: WIN-GTL1KFJ3TI7

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:d6:e2:52:76:e5:25:88:49:6f:ac:40:99:60:2d:43
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-GTL1KFJ3TI7
        Validity
            Not Before: May 29 01:53:07 2024 GMT
            Not After : Nov 28 01:53:07 2024 GMT
        Subject: CN=WIN-GTL1KFJ3TI7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:4a:0f:bb:06:43:6c:81:2a:8a:fb:bd:f9:e2:
                    13:a4:91:57:1c:dc:6d:b3:d5:f7:c3:22:6b:23:8f:
                    1f:73:83:11:f1:c2:ae:45:80:e9:58:e8:8a:94:8c:
                    7f:8b:a3:22:b2:c1:8c:c5:6b:82:2b:24:a8:41:b6:
                    22:cf:83:85:a3:66:53:15:8c:76:0f:7e:b3:23:b8:
                    0b:c5:7b:77:82:dc:89:3c:1e:2c:68:f1:d6:a8:a2:
                    55:5e:33:77:6c:59:67:67:89:1b:d0:4c:22:01:1c:
                    fe:28:cf:23:1c:db:a7:4f:03:37:a4:d4:49:aa:3e:
                    40:b2:86:6f:fe:52:0c:36:9d:29:25:01:6b:d2:77:
                    24:ce:8b:06:41:cb:4e:20:87:c5:28:7b:b1:ce:45:
                    6f:30:67:fe:0f:c4:3e:6b:dd:28:ea:d4:2d:c8:24:
                    d5:cc:d7:fd:92:77:17:21:82:4b:2b:eb:25:91:b8:
                    09:6c:50:75:7d:b5:57:a1:a6:ea:0f:1e:64:40:8e:
                    a9:ae:8d:42:cc:b8:75:42:1f:3d:cd:7e:17:54:be:
                    e2:07:26:86:10:e3:fe:e2:10:ec:ac:9e:6d:95:74:
                    7d:1b:18:ef:f3:8e:b7:5a:ba:00:95:28:c5:a1:05:
                    c1:09:7a:82:84:de:cd:6e:39:7f:ee:1c:16:11:5e:
                    61:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:2c:3e:a5:49:c0:e2:c6:33:b3:d8:63:2f:28:cf:a8:9f:64:
        44:ea:b0:4d:84:91:4e:d9:29:01:f4:0b:53:46:b0:7b:27:b3:
        af:b6:59:a4:ae:5c:2f:c1:1a:8e:9b:a6:38:86:2e:24:0f:36:
        54:6e:f5:a2:ee:aa:57:9f:7c:c0:be:0d:27:f1:e8:f4:15:26:
        5f:d0:a9:9b:31:59:7c:26:fb:a3:04:fc:c0:a6:8e:ce:62:b6:
        e7:f5:63:63:0a:cf:19:d2:ae:af:a5:4d:67:3d:ec:5e:19:19:
        61:86:3f:da:b3:f1:c7:7d:3a:3f:0c:b7:c7:27:bf:9d:5b:39:
        f2:a4:06:c0:ea:a6:20:51:ac:f2:d2:3f:80:ba:d6:8f:14:54:
        b8:36:3e:a2:ba:80:95:39:0c:54:41:c3:30:19:ed:04:1d:78:
        44:ff:44:f3:86:f0:9e:c1:8f:72:da:58:d9:78:76:b1:03:98:
        3d:7a:e6:27:09:7d:bd:02:35:35:dc:ad:b9:a6:89:84:22:72:
        09:94:33:da:00:05:42:84:d6:df:ba:86:df:fe:e1:4e:47:ad:
        49:99:b0:a2:51:6f:9e:f2:6e:7f:d9:e2:ac:a2:e4:b2:b6:53:
        eb:41:dc:0f:9d:15:42:f1:7c:38:f5:d1:40:77:ce:7e:c8:58:
        60:db:10:46

-1246004407 | 2024-05-28T03:08:28.860892

4000 / tcp

HTTP/1.1 400 Bad Request
Connection: close

-1684583448 | 2024-06-16T04:10:18.407549

5357 / tcp

Service Unavailable

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 16 Jun 2024 04:10:18 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-06-10T05:33:07.618239

5985 / tcp

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 10 Jun 2024 05:33:07 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-GTL1KFJ3TI7
  NetBIOS Domain Name: WIN-GTL1KFJ3TI7
  NetBIOS Computer Name: WIN-GTL1KFJ3TI7
  DNS Domain Name: WIN-GTL1KFJ3TI7
  FQDN: WIN-GTL1KFJ3TI7

149.102.138.154

Last Seen: 2024-06-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1807823325 | 2024-05-28T13:42:24.966364
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

474656253 | 2024-05-21T17:00:13.467866
80 / tcp

nginx1.17.8

-1246004407 | 2024-05-25T21:56:26.124049
2000 / tcp

-540925142 | 2024-06-12T22:03:40.240128
3389 / tcp

Remote Desktop Protocol

-1246004407 | 2024-05-28T03:08:28.860892
4000 / tcp

-1684583448 | 2024-06-16T04:10:18.407549
5357 / tcp

1489525118 | 2024-06-10T05:33:07.618239
5985 / tcp

WinRM

Products

Pricing

Contact Us

149.102.138.154

Last Seen: 2024-06-16

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Latest CVSS

OpenPorts

-1807823325 | 2024-05-28T13:42:24.966364 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

474656253 | 2024-05-21T17:00:13.467866 80 / tcp

nginx1.17.8

-1246004407 | 2024-05-25T21:56:26.124049 2000 / tcp

-540925142 | 2024-06-12T22:03:40.240128 3389 / tcp

Remote Desktop Protocol

-1246004407 | 2024-05-28T03:08:28.860892 4000 / tcp

-1684583448 | 2024-06-16T04:10:18.407549 5357 / tcp

1489525118 | 2024-06-10T05:33:07.618239 5985 / tcp

WinRM

Products

Pricing

Contact Us

Vulnerabilities

-1807823325 | 2024-05-28T13:42:24.966364
22 / tcp

474656253 | 2024-05-21T17:00:13.467866
80 / tcp

-1246004407 | 2024-05-25T21:56:26.124049
2000 / tcp

-540925142 | 2024-06-12T22:03:40.240128
3389 / tcp

-1246004407 | 2024-05-28T03:08:28.860892
4000 / tcp

-1684583448 | 2024-06-16T04:10:18.407549
5357 / tcp

1489525118 | 2024-06-10T05:33:07.618239
5985 / tcp