GeneralInformation

Hostnames	preview.flexvelop.com
Domains	flexvelop.com
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 443 6379

-1345487542 | 2025-01-13T16:02:06.975851

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB9fulgZpPMLYIuM83m+y+ZU
xc6Xy2Fm93pfWA0y9PNdquq6H8S2X9PmuoY4vmDAymZ5ZdIYP1oKFzHqLExN7co=
Fingerprint: 62:23:41:25:6c:04:10:c3:05:8a:6b:f1:a1:c4:41:81

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1728619538 | 2025-01-13T07:49:23.068142

443 / tcp

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Status: 301 Moved Permanently
location: https://www.flexvelop.de
cache-control: no-cache
vary: Origin
x-runtime: 0.001810
content-security-policy: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: http: 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'
x-request-id: 859d1704-dc1f-4b0a-bc0f-3a71f2e74e92
Date: Mon, 13 Jan 2025 07:49:22 GMT
X-Powered-By: Phusion Passenger(R) 6.0.20
Server: nginx/1.18.0 + Phusion Passenger(R) 6.0.20

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:24:09:b0:ef:c5:e3:ee:de:b4:8f:c4:a9:8a:3f:10:80:31
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Dec 28 22:43:16 2024 GMT
            Not After : Mar 28 22:43:15 2025 GMT
        Subject: CN=preview.flexvelop.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e9:24:92:01:0d:04:83:12:29:89:60:a9:b3:ce:
                    14:da:5d:13:41:e5:ff:54:5c:c6:b8:14:84:c6:cc:
                    41:9c:84:48:1d:cc:14:76:62:94:6b:d6:43:de:53:
                    c1:84:f0:46:ec:6e:a9:e4:e5:dd:12:fa:8e:3f:1a:
                    18:1e:6a:c1:b3:a0:c9:18:91:a6:be:18:2b:f7:3c:
                    44:86:f1:33:eb:68:1c:98:6d:75:16:91:14:6e:99:
                    5b:12:6c:0b:86:f8:c9:27:f3:c9:0a:02:18:83:e9:
                    74:8d:04:81:7e:70:b2:67:24:16:93:0b:15:bc:20:
                    31:25:e5:41:0f:9e:b5:d3:9e:01:e5:fe:1e:e4:4f:
                    d7:82:37:9b:7a:74:86:e3:e6:3a:f5:33:99:7e:2c:
                    62:76:fb:ef:59:cf:b2:aa:01:e0:93:75:c9:1f:a3:
                    73:6f:1c:2d:8b:2c:e9:ff:e0:9f:e6:24:b7:41:e0:
                    f6:77:74:92:03:8e:ef:cf:3d:78:89:3c:99:77:3a:
                    14:92:33:3c:44:2c:37:81:64:40:a6:80:37:b9:fa:
                    39:42:44:98:b9:cb:f6:f3:0f:39:70:60:74:84:fe:
                    cd:53:39:1f:cb:eb:e8:d7:fa:de:81:fd:66:c4:38:
                    14:8e:17:5d:36:52:89:94:49:36:4c:6a:ad:96:79:
                    e0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                21:FE:98:D9:F3:8E:67:6D:9D:B6:20:50:29:B0:72:06:30:EE:9D:58
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:preview.flexvelop.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Dec 28 23:41:46.394 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8F:F3:77:70:A7:47:BA:90:57:5C:E2:
                                2F:72:62:B0:2E:53:99:C1:37:3C:90:C4:F8:3A:40:69:
                                A2:9A:6C:F9:B0:02:20:38:68:1D:C8:49:65:54:AB:A0:
                                ED:91:06:0B:C6:5D:68:36:6D:7F:55:59:AB:83:06:12:
                                72:9D:F5:8E:FB:71:2F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 73:20:22:0F:08:16:8A:F9:F3:C4:A6:8B:0A:B2:6A:9A:
                                4A:00:EE:F5:77:85:8A:08:4D:05:00:D4:A5:42:44:59
                    Timestamp : Dec 28 23:41:46.386 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7D:2D:37:12:1D:C8:CF:BC:B1:38:82:E5:
                                22:82:B7:9A:FF:27:BA:19:5A:49:69:0C:C4:73:AD:50:
                                87:F1:16:C5:02:21:00:8D:94:B9:F4:60:5C:87:20:44:
                                9C:FE:38:E3:F5:45:7D:A4:17:91:0C:2D:8B:73:F5:DF:
                                31:A6:F9:C8:5E:9E:54
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7d:e7:32:4b:15:70:3d:a1:09:37:c8:68:c3:5b:ad:14:f0:e1:
        c8:8d:d0:3a:dd:5d:d9:30:69:86:a9:9c:41:c5:59:24:d0:2f:
        55:84:ad:99:c7:f3:ca:51:1f:95:7d:d9:9f:b5:46:c4:35:56:
        1d:4e:06:0d:b2:33:8a:e5:ff:cd:7f:ec:73:a5:e9:c9:d1:4b:
        93:0d:4b:2b:eb:bb:fe:93:d5:5e:ec:23:df:0b:ef:fc:68:55:
        16:f7:bd:ca:40:c4:4e:cd:45:b7:76:fe:30:a5:87:61:2a:ce:
        61:54:44:c1:6f:65:79:f9:0b:95:fc:f0:72:00:8d:5c:3a:17:
        8b:a1:5a:6d:2b:3a:61:bb:f7:45:f7:d4:00:c4:c2:57:95:46:
        d4:c6:78:76:49:f5:3e:28:07:17:28:b4:07:af:5c:95:28:76:
        3e:4a:69:53:db:cb:82:5d:08:3a:99:84:37:7c:5e:6a:81:d0:
        b3:4b:8e:22:3e:b1:e3:ec:61:31:87:df:dd:45:6c:6e:d2:61:
        2e:64:6a:e6:bb:d9:13:18:d6:bd:e3:c4:78:f9:c1:fe:de:16:
        d1:fb:bb:be:56:bd:29:23:7d:d9:dc:8e:66:29:8b:66:db:50:
        b5:aa:bb:6c:f1:c6:71:a6:7f:a0:d9:cf:97:ec:41:ab:b0:4b:
        84:bf:68:72

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618

-1545777613 | 2025-01-11T19:54:16.469035

6379 / tcp

-DENIED Redis is running in protected mode because protected mode is enabled and no password is set for the default user. In this mode connections are only accepted from the loopback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the '--protected-mode no' option. 4) Set up an authentication password for the default user. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.

64.225.101.246

Last Seen: 2025-01-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1345487542 | 2025-01-13T16:02:06.975851
22 / tcp

OpenSSH8.9p1 Ubuntu 3ubuntu0.10

-1728619538 | 2025-01-13T07:49:23.068142
443 / tcp

nginx1.18.0

-1545777613 | 2025-01-11T19:54:16.469035
6379 / tcp

Products

Pricing

Contact Us

64.225.101.246

Last Seen: 2025-01-13

Tags:

GeneralInformation

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

-1345487542 | 2025-01-13T16:02:06.975851 22 / tcp

OpenSSH8.9p1 Ubuntu 3ubuntu0.10

-1728619538 | 2025-01-13T07:49:23.068142 443 / tcp

nginx1.18.0

-1545777613 | 2025-01-11T19:54:16.469035 6379 / tcp

Products

Pricing

Contact Us

Vulnerabilities

-1345487542 | 2025-01-13T16:02:06.975851
22 / tcp

-1728619538 | 2025-01-13T07:49:23.068142
443 / tcp

-1545777613 | 2025-01-11T19:54:16.469035
6379 / tcp