GeneralInformation

Hostnames	vmi1506715.contaboserver.net softwarecove.net
Domains	contaboserver.net softwarecove.net
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 2375

-1289247233 | 2024-05-31T17:55:44.840445

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDSEKQ72D5+kyXHmFl5Jvb0SBS2JM/STh1qYJq/LNRVp4pk
O3fyuyvCjHbciePT3FHt/okOZVSlm7AWY/pgRjaWCWRTKF8rVK15Wo1/ly3Gb7AkpjcohzxbxU7d
IGHbIIV8akgf+3NhQXx7p4N7AqAj4QE5HiW/1SLLDsmBGaqY8pWyQ1iuZCqfY4ViwCHRy4hTmkWU
lVv1jTHUVziTJmRgpNy8semWrgeeZOvNQJlxZtZgE6iaW7meHnRTSkHw9kaL4RkWYzbWjCGisGAC
4IsP8RlXiORLvZTTqFjhU9tLrweSb/w+JJdFrZ5dyskgbYAh67+CCSoulp3JnE5JkQeDlU4SlPgK
ODj4leNg3pVYEhjjiqeikR5H3k0rUYpvc8ge5f4RlRTlOZbMVQo0K8CeGLK+p0wycQMQ95hqCNCG
IxtMRHlyiXbG3lokMFWgu2veVwn7ergwZg2RExX4iiObjIVeR0kHwMgL+PPLfE1INH9e10L3iJOG
qTVIAGKi7KfkZCEY9mdRbYzMFSKUfmRogBXO0zp3rPEeCoTHMwSHufCS1ICQpp40Nm+pra40A4xD
vc1k9JloXD3NCZ1SjD1xg//jYItg/rYPPp5+ozWQsrw7lEMq2DJKpeZO7OZHV8QKcUrn8ehwjQrK
twtEl6gUdvcYF2wRc2uqcaMTO8iuAQ==
Fingerprint: 28:3d:80:e8:b0:ee:71:9c:8b:85:7c:db:f5:2e:a6:74

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-05-24T14:51:01.092787

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 May 2024 14:51:00 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Mon, 20 May 2024 19:26:47 GMT
Connection: keep-alive
ETag: "664ba3f7-264"
Accept-Ranges: bytes

780672404 | 2024-05-31T05:25:55.686697

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 May 2024 05:25:55 GMT
Content-Type: text/html
Content-Length: 568
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:b1:01:5c:fd:77:70:8e:f7:44:e4:02:a8:86:b1:a9:30:ae
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: May 24 14:48:14 2024 GMT
            Not After : Aug 22 14:48:13 2024 GMT
        Subject: CN=softwarecove.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:da:bc:d2:0a:5f:f9:c3:5e:cf:9c:52:41:93:18:
                    a5:3a:e7:8e:70:79:25:a5:a7:7e:cc:23:59:21:09:
                    2e:01:ef:1b:79:c3:b4:cf:60:36:c9:e8:4d:d6:7c:
                    57:5c:73:65:b7:47:3c:a0:16:67:0f:d3:1a:bd:5d:
                    9e:09:cc:fb:05:a2:46:ee:b7:5f:89:6b:49:10:dd:
                    5b:b7:41:90:b9:52:d0:b1:48:8f:b2:bf:a1:32:13:
                    77:99:1d:08:3b:ac:fb:26:61:8c:a1:00:af:bc:9f:
                    0c:95:12:1a:87:6b:0b:ba:7c:98:7e:d4:20:5f:09:
                    da:5a:45:bd:5c:d0:76:d7:aa:db:05:78:2a:75:a3:
                    2f:3f:71:ed:60:a7:ad:b6:20:6a:60:e7:a6:72:81:
                    69:ee:38:69:ed:5d:22:10:8f:4c:e4:04:03:43:c3:
                    6d:8c:7c:02:0f:58:21:3a:43:62:31:c0:bc:cb:28:
                    8e:3f:73:9a:52:ba:67:c6:28:d2:9f:56:f2:68:fa:
                    44:35:fd:92:1f:79:72:c5:64:ff:d2:72:1a:90:a9:
                    ac:4c:e4:76:87:34:5b:e8:1d:ab:05:6b:6f:7c:51:
                    d5:b6:21:b7:ac:ff:ea:9f:90:a1:5e:ac:dc:ae:18:
                    21:49:16:8e:b9:13:7c:d0:57:0c:a1:21:0c:d6:b2:
                    d7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FC:A7:CC:10:1E:91:D0:05:B4:55:C5:D6:9E:B5:D9:FB:3B:B5:18:8B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.softwarecove.net, DNS:softwarecove.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : May 24 15:48:14.339 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B6:C8:A2:C3:6A:39:C6:01:9E:CC:58:
                                9D:60:19:0D:3B:7E:28:F0:1C:E3:BA:EE:17:05:B6:E7:
                                50:B2:E3:CA:11:02:20:7D:89:94:A4:9E:D6:DD:85:3D:
                                B2:D4:26:72:37:14:77:0B:C5:0B:37:68:04:AE:D7:9B:
                                64:F6:42:72:F5:7F:7E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : May 24 15:48:14.349 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C8:3A:A7:87:A0:2E:5D:DD:23:E3:22:
                                A5:F1:67:13:C1:81:82:EB:F7:C1:E4:C7:7F:C7:A8:A0:
                                32:EA:C7:EE:AB:02:20:64:87:4E:B2:CC:B0:EC:C5:B6:
                                91:B7:78:A1:E6:D3:32:62:BD:E7:03:9D:9B:C7:92:FF:
                                08:C9:DA:30:D3:11:EB
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:d1:a8:47:94:ca:54:d4:b7:fe:2a:d2:52:e8:c8:90:a2:ee:
        46:41:98:9a:ec:26:c6:b6:08:fb:e0:e1:79:86:ca:17:08:80:
        8d:9c:c8:ff:14:f7:10:88:1f:10:bc:5c:db:c9:42:52:71:ad:
        70:ac:a3:30:dc:d5:e0:72:30:3d:a9:f9:3b:13:47:2e:39:fb:
        39:91:5d:c8:8c:db:ec:ca:20:d0:6f:43:5b:75:ab:6b:79:22:
        fa:35:fc:37:0d:26:0a:4e:dc:9e:70:5b:48:64:76:8f:4b:14:
        ab:83:20:2c:40:83:ad:ca:3d:00:22:66:24:d1:99:22:1b:27:
        59:d3:99:61:a9:e9:b6:91:6c:fc:26:ee:2e:4f:ad:7e:64:01:
        0c:08:c4:83:1e:f0:cc:4d:05:48:3f:30:1b:71:d9:e9:64:3a:
        1e:d7:11:d4:b1:25:84:23:c1:94:c6:da:50:ec:93:7e:6a:d8:
        39:ab:8a:bd:ea:b9:22:aa:bb:86:65:03:2c:aa:62:a9:8e:aa:
        e4:68:d9:72:24:25:c5:9b:28:fc:ce:54:93:96:9d:57:8b:d9:
        af:6d:0d:80:50:63:c5:5f:69:55:ad:29:2d:7f:fe:55:6e:10:
        5e:18:62:3e:eb:e2:c6:92:f4:bb:74:4a:26:0c:a6:b8:6e:13:
        0f:cf:7f:2e

1561587376 | 2024-05-22T03:41:02.460690

2375 / tcp

HTTP/1.1 404 Not Found
Content-Type: application/json
Date: Wed, 22 May 2024 03:41:02 GMT
Content-Length: 29


Docker:
  Version: 26.1.3
  API Version: 1.45
  Go Version: go1.21.10
  OS: Linux 5.4.0-105-generic
  Container #1:
    Image: redis:latest
    Command: docker-entrypoint.sh redis-server
    Names:
      /rediscontainer

158.220.97.49

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1289247233 | 2024-05-31T17:55:44.840445
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-24T14:51:01.092787
80 / tcp

nginx1.18.0

780672404 | 2024-05-31T05:25:55.686697
443 / tcp

nginx1.18.0

1561587376 | 2024-05-22T03:41:02.460690
2375 / tcp

Docker26.1.3

Products

Pricing

Contact Us

158.220.97.49

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1289247233 | 2024-05-31T17:55:44.840445 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-05-24T14:51:01.092787 80 / tcp

nginx1.18.0

780672404 | 2024-05-31T05:25:55.686697 443 / tcp

nginx1.18.0

1561587376 | 2024-05-22T03:41:02.460690 2375 / tcp

Docker26.1.3

Products

Pricing

Contact Us

-1289247233 | 2024-05-31T17:55:44.840445
22 / tcp

1651973090 | 2024-05-24T14:51:01.092787
80 / tcp

780672404 | 2024-05-31T05:25:55.686697
443 / tcp

1561587376 | 2024-05-22T03:41:02.460690
2375 / tcp