GeneralInformation

Hostnames	buchen.fahr-rudi.at backend.buchen.fahr-rudi.at 194.186.89.34.bc.googleusercontent.com
Domains	fahr-rudi.at googleusercontent.com
Cloud Provider	Google
Cloud Region	europe-west3
Country	Germany
City	Frankfurt am Main
Organization	Google LLC
ISP	Google LLC
ASN	AS396982

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443 1883 4000 4001 61613 61616

22 / tcp

-944410311 | 2025-03-06T19:58:51.247554

SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCmgVQmp8q1pxkf6var3824qMV5qlTrFkz9d9h7leKbdgmV
q+5+BG+2cuvhNA3q/7BZkj9pj6VwovL5yTbEKuxfl8tcMPb2uU75KkpJQIWESu+Avu6los/Mqe19
UZvW8hvACIeSNnHgTfecaX05T6tJ5LzddUVv6uCkj4uciBUxQh4Yhw4ftHhrKHd0zmWag6M+ZvNv
RvZD74G2M819k0bkw2vQ/3gSUc5vhlC1oo50jXjrrl4oXkBxtfQp2RiVkXqMpOyjR4GiK44sUCgv
7QzuzgYrCowgnd4HmmSOpL2GKd4IgQajhVmVjoWozuqSOcHAg8pEKH/DLEtseq+xiukR
Fingerprint: c4:b6:a6:cc:ba:e3:37:5e:6f:ca:9d:be:9e:a3:a9:02

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

64797515 | 2025-02-18T04:51:15.213702

Hashes

hash

-415512431

http.dom_hash

1239617585

http.html_hash

64797515

http.server_hash

1115097976

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.6
Date: Tue, 18 Feb 2025 04:51:15 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://34.89.186.194/

Vulnerabilities

443 / tcp

1892652370 | 2025-03-06T04:38:39.359879

Hashes

hash

-1585344426

http.dom_hash

1239617585

http.html_hash

1892652370

http.server_hash

-796799641

http.title_hash

1964169606

401 Authorization Required

HTTP/1.1 401 Unauthorized
Server: nginx/1.17.9
Date: Thu, 06 Mar 2025 04:38:39 GMT
Content-Type: text/html
Content-Length: 581
Connection: keep-alive
WWW-Authenticate: Basic realm="Administrator Login"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:b9:43:7e:99:cb:a6:f0:b0:8a:5c:f0:41:1d:08:1a:7b:95
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Jan  1 19:32:06 2025 GMT
            Not After : Apr  1 19:32:05 2025 GMT
        Subject: CN=backend.buchen.fahr-rudi.at
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:fc:57:6e:1b:65:bd:fa:f9:5a:b0:73:af:03:75:
                    dc:5b:66:1d:61:a7:d5:7d:41:30:df:82:a1:6a:a1:
                    e9:21:d6:7b:6e:6a:e8:43:80:09:39:b2:5b:78:c1:
                    eb:bb:e4:38:ab:93:8d:e9:0e:87:e9:35:15:a7:bb:
                    83:6c:16:ab:42:df:dd:48:09:e4:76:c0:55:10:54:
                    5f:9c:9c:a7:2c:01:93:72:da:67:07:1a:7b:5c:06:
                    05:60:a7:16:66:19:fe:c2:0f:9f:dc:f5:b6:60:16:
                    6c:1f:e3:3f:54:0d:d1:dd:29:f9:26:50:1c:9d:16:
                    59:9c:a4:8b:97:a6:2b:f7:33:3f:59:df:c9:4d:a2:
                    27:2e:18:49:b5:2f:e6:f6:65:63:af:48:5a:c4:18:
                    d8:b6:b8:ad:5c:c3:a5:dd:3a:a6:80:4a:4c:a2:dd:
                    98:22:d9:b5:30:10:2f:e2:26:5c:07:01:8d:3c:2d:
                    ef:7a:46:64:b2:11:c9:61:94:c9:8f:c8:2d:6d:ca:
                    71:2d:e5:33:82:6b:8b:9b:21:93:74:8f:86:61:0f:
                    84:1b:9c:99:64:e6:ac:dd:6f:48:67:ae:75:0e:81:
                    8c:47:9e:ae:7c:fa:29:c4:66:e1:b7:83:54:4c:fa:
                    7d:ce:3e:70:c6:36:6f:cb:0a:eb:35:c0:66:28:47:
                    82:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                C3:46:5D:63:B5:BC:77:31:D0:7C:8B:F4:A4:94:EA:7F:E6:50:7E:09
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:backend.buchen.fahr-rudi.at, DNS:buchen.fahr-rudi.at
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Jan  1 20:30:36.670 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5E:31:B9:42:61:B1:66:31:AA:C4:60:03:
                                EF:57:8D:17:11:DB:8B:0B:69:72:C4:D2:6E:C0:2E:CC:
                                E7:8B:2B:A5:02:21:00:C5:19:CA:90:39:03:05:5B:4C:
                                FE:38:E2:E6:68:83:62:83:BE:5F:88:9E:55:87:37:D8:
                                DA:B2:0F:01:A9:FF:EA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Jan  1 20:30:36.847 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2A:8A:08:51:C3:22:32:63:AE:6A:A1:1B:
                                3E:2C:B8:E1:37:DA:A1:E9:16:76:6E:57:BF:D9:3B:BA:
                                36:A7:02:58:02:21:00:D9:C6:97:B4:88:98:33:F5:1B:
                                16:A2:02:CD:5A:19:6C:D6:45:8B:3B:B9:94:BF:68:EF:
                                9E:F7:DA:D8:07:46:89
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        52:81:eb:68:76:6e:ef:38:07:62:6d:6c:f3:8f:84:a4:7e:3a:
        8f:24:85:5b:31:4d:62:5b:c0:01:99:ba:40:62:42:50:58:63:
        85:1f:56:10:a7:0a:d3:e0:2c:ab:7c:b2:cd:fa:5d:33:63:9e:
        34:13:fe:80:ce:e2:e2:d9:aa:b1:d4:01:a3:5a:7c:23:ec:39:
        09:08:e1:b9:72:d5:13:82:68:d2:e3:ac:7d:72:18:b5:27:90:
        0f:85:fe:e6:03:6b:6b:df:38:83:ad:49:4e:28:c0:05:a6:19:
        d9:f3:fa:a2:94:fa:2c:4b:59:5e:11:40:4b:2f:bc:bd:6f:8a:
        7a:a6:34:5f:79:c9:ed:77:73:c7:13:ec:de:8b:20:74:6c:3b:
        74:06:3f:8e:d0:62:c0:9d:5f:d3:ba:34:b6:15:52:87:09:1e:
        41:11:29:a0:f0:f6:9d:6e:44:8a:63:cc:2e:10:ff:81:34:7c:
        54:74:72:74:20:18:1f:6b:3f:e8:2b:34:e4:2e:1e:fd:bd:f6:
        93:64:45:bb:5f:69:65:d6:26:60:19:c0:cc:ca:68:52:be:84:
        6b:2a:b6:f9:fb:38:59:fe:86:7f:42:9b:10:88:f3:eb:1a:6d:
        fe:df:c0:33:07:16:54:a9:1a:01:0e:c0:d4:df:dd:40:68:a9:
        97:2f:c8:e0

Vulnerabilities

1883 / tcp

-1278912815 | 2025-02-23T20:31:54.462253

MQTT Connection Code: 5

Topics:

4000 / tcp

-2039836811 | 2025-03-08T15:27:13.535301

HTTP/1.1 400 Bad Request
Server: nginx/1.17.9
Date: Sat, 08 Mar 2025 15:27:13 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.17.9</center>
</body>
</html>

Vulnerabilities

4001 / tcp

-1036681161 | 2025-03-06T04:38:36.655413

Hashes

hash

-2005301910

http.dom_hash

1239617585

http.html_hash

-1036681161

http.server_hash

-796799641

http.title_hash

272813868

307 Temporary Redirect

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 06 Mar 2025 04:38:36 GMT
Content-Type: text/html
Content-Length: 171
Connection: close
Location: https://34.89.186.194:4001/

Vulnerabilities

61613 / tcp

45276885 | 2025-02-28T09:40:49.123000

ERROR\ncontent-type:text/plain\nmessage:Unknown STOMP action: HELP\n\norg.apache.activemq.transport.stomp.ProtocolException: Unknown STOMP action: HELP\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:258)\n\tat org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)\n\tat org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)\n\tat org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:233)\n\tat org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:215)\n\tat java.lang.Thread.run(Thread.java:750)\n\x00\n

61616 / tcp

100908965 | 2025-03-05T09:38:14.545967

<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled	CacheSizeProviderName	ActiveMQStackTraceEnabledPlatformDetails	JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInactivityDurationu0 MaxInactivityDurationInitalDelay'ProviderVersion	5.15.16

34.89.186.194

Last Seen: 2025-03-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

-944410311 | 2025-03-06T19:58:51.247554

OpenSSH7.4p1 Debian 10+deb9u7

80 / tcp

64797515 | 2025-02-18T04:51:15.213702

Hashes

nginx1.19.6

443 / tcp

1892652370 | 2025-03-06T04:38:39.359879

Hashes

nginx1.17.9

1883 / tcp

-1278912815 | 2025-02-23T20:31:54.462253

MQTT

4000 / tcp

-2039836811 | 2025-03-08T15:27:13.535301

nginx1.17.9

4001 / tcp

-1036681161 | 2025-03-06T04:38:36.655413

Hashes

nginx1.17.9

61613 / tcp

45276885 | 2025-02-28T09:40:49.123000

Apache ActiveMQ

61616 / tcp

100908965 | 2025-03-05T09:38:14.545967

Products

Pricing

Contact Us

34.89.186.194

Last Seen: 2025-03-08

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Port 4000 Port 4001 Latest CVSS

OpenPorts

22 / tcp -944410311 | 2025-03-06T19:58:51.247554

OpenSSH7.4p1 Debian 10+deb9u7

80 / tcp 64797515 | 2025-02-18T04:51:15.213702

Hashes

nginx1.19.6

443 / tcp 1892652370 | 2025-03-06T04:38:39.359879

Hashes

nginx1.17.9

1883 / tcp -1278912815 | 2025-02-23T20:31:54.462253

MQTT

4000 / tcp -2039836811 | 2025-03-08T15:27:13.535301

nginx1.17.9

4001 / tcp -1036681161 | 2025-03-06T04:38:36.655413

Hashes

nginx1.17.9

61613 / tcp 45276885 | 2025-02-28T09:40:49.123000

Apache ActiveMQ

61616 / tcp 100908965 | 2025-03-05T09:38:14.545967

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-944410311 | 2025-03-06T19:58:51.247554

80 / tcp

64797515 | 2025-02-18T04:51:15.213702

443 / tcp

1892652370 | 2025-03-06T04:38:39.359879

1883 / tcp

-1278912815 | 2025-02-23T20:31:54.462253

4000 / tcp

-2039836811 | 2025-03-08T15:27:13.535301

4001 / tcp

-1036681161 | 2025-03-06T04:38:36.655413

61613 / tcp

45276885 | 2025-02-28T09:40:49.123000

61616 / tcp

100908965 | 2025-03-05T09:38:14.545967