177.70.28.25
{
"scan_id": 1755174948,
"ip": "177.70.28.25",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "177.70.0.0/19",
"postal_code": "",
"coordinates": {
"latitude": "-22.8305",
"longitude": "-43.2192"
},
"geo_point": "-22.8305, -43.2192",
"locale_code": "en",
"continent": "South America",
"country_code": "BR",
"country_name": "Brazil",
"city": ""
},
"location_updated_at": "2025-08-14T19:49:00Z",
"asn": {
"number": "AS28209",
"organization": "Under Servicos de Internet Ltda",
"country_code": "BR"
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "",
"organization": "",
"descr": "",
"_encoding": {
"raw": ""
}
},
"whois_updated_at": "0001-01-01T00:00:00Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-08-14T19:49:00Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-08-14T18:15:21Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-08-14T19:49:00Z"
}
],
"hostnames": [
{
"name": "none.brasilstream.com.br",
"last_updated_at": "2025-08-16T14:36:32.929873368Z"
}
],
"services": [
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "2.4.59",
"product": "Apache httpd",
"extra_info": "(Debian)",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.4.59",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.4\\.59",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 32257217,
"body_sha256": "08046bc892afe00414f763eb7ab5ef98a029eb695e8786ca501665bcea6b61d5",
"component": [
"Debian",
"Apache HTTP Server:2.4.59"
],
"content_length": 53,
"headers": {
"accept_ranges": [
"bytes"
],
"content_length": [
"53"
],
"content_type": [
"text/html"
],
"date": [
"Thu, 14 Aug 2025 13:38:48 GMT"
],
"etag": [
"\"35-61cf83a841de0\""
],
"last_modified": [
"Thu, 11 Jul 2024 12:51:59 GMT"
],
"server": [
"Apache/2.4.59 (Debian)"
]
},
"protocol": "HTTP/1.1",
"status_code": 200
}
},
"cve": [
{
"id": "CVE-2024-38474",
"severity": "critical"
},
{
"id": "CVE-2024-38476",
"severity": "critical"
},
{
"id": "CVE-2024-38477",
"severity": "high"
}
],
"url": "http://177.70.28.25/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-14T13:38:51.071Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "2.4.59",
"product": "Apache httpd",
"extra_info": "(Debian)",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.4.59",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.4\\.59",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1631179875,
"body_sha256": "3216fee03699c2da6a2c87da2fc10457230bcb292a2f75dc60fb9df1e92f2bdc",
"component": [
"Debian",
"Apache HTTP Server:2.4.59"
],
"content_length": -1,
"headers": {
"cache_control": [
"no-store, no-cache, must-revalidate"
],
"content_type": [
"text/html; charset=UTF-8"
],
"date": [
"Thu, 14 Aug 2025 05:58:21 GMT"
],
"expires": [
"Thu, 19 Nov 1981 08:52:00 GMT"
],
"pragma": [
"no-cache"
],
"server": [
"Apache/2.4.59 (Debian)"
],
"set_cookie": [
"PHPSESSID=80r6onbdjut0ntha1uabirkfk6; path=/"
],
"vary": [
"Accept-Encoding"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"body_murmur": 2095243089,
"body_sha256": "0c29522090e237f5767bd4d2fe45f122bdd2c0928977c4487055565daa69402d",
"content_length": -1,
"location": "login.php",
"status_code": 302,
"status_line": "302 Found"
}
],
"status_code": 200
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://e5.i.lencr.org/"
]
},
"authority_key_id": "9f2b5fcf3c214f9d04b7ed2b2cc4c6708bd2d70d",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://e5.c.lencr.org/67.crl"
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
},
"subject_alt_name": {
"dns_names": [
"thema.acessocloud.com"
]
},
"subject_key_id": "2d450a2de69069adb292bcc86dcfa76295340180"
},
"fingerprint_md5": "CC8874DCE701FCC914F5E08502AFB783",
"fingerprint_sha1": "3D4AEEBBE5239E84E68AB5726E965B468BDFD7B1",
"fingerprint_sha256": "5FF644D83EAC95F8CEB25A74F2C4877D02E455F806099B37403C47D47339F56B",
"issuer": {
"common_name": [
"E5"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"jarm": "27d40d40d00040d00042d43d000000b5ce48eb9aaa95d750e8df42b900e12b",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2025-08-23T06:57:14",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "601783916564711220046026203391740695954370",
"signature": {
"algorithm": {
"name": "ecdsa-with-SHA384",
"oid": "1.2.840.10045.4.3.3"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "7d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b8",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304402200ade1e7526841c88bc31f6cbde13d9361f527163f5e23f56cdb283cf3d3d664a0220573df9fa0013695181af33791845cd621490367a1acf0aafd123f0669f0db96b"
},
"timestamp": "2025-07-07T09:10:50.097000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100f805118142b9fb2fdd12da8061512dd4179a658a91c622d1e74841c9b89a499a022024a77e18837af92a88565dad29b847d57277314a3de981f4e7d70fc32a0dec83"
},
"timestamp": "2025-07-07T09:10:50.133000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"thema.acessocloud.com"
]
},
"subject_alt_name": {
"dns_names": [
"thema.acessocloud.com"
],
"extended_dns_names": [
{
"domain": "acessocloud",
"fld": "acessocloud.com",
"subdomain": "thema",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "ecdsa",
"dh": [],
"dsa": [],
"ecdsa": {
"b": "\"Zc65d8aa:93e7b3ebbdUv9886bce1d06b0ccSb0f6;ce<>'d2`K\"",
"curve": "p256",
"gx": "k17d1f2e1,BGf8bce6e5ca4@f2w03}81-eb3a0f4a19Ed898c296",
"gy": "Oe3Be2fe1a7f9b8ee7ebJ|0f9e16+ce3Wk1^cecbb6@h7bfQf5",
"length": 256,
"p": "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
"x": "35371006195986847873241095542952991118493522251462032728730162481729565120210",
"y": "115248433385165240131151802969265980439532523561529947257895163242942369549122"
},
"fingerprint_sha256": "cf4c8becd4e6d99ee44669cb61ec041235790f69f2cdee11e17b57bb90cf001b",
"key_algorithm": "Elliptic_curve_cryptography",
"rsa": []
},
"tbs_fingerprint": "fbbe5ae2b7a850ab5d83d53ae9cd9fd8b51e78b2ea415d8acc2f74d88e10f487",
"tbs_noct_fingerprint": "72dade2b67adb1d458ce6df7269107ab0aeca1791815943bc39ca176e55c11c2",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2025-10-05T08:12:19",
"not_before": "2025-07-07T08:12:20"
},
"version": 2
},
"fingerprint_sha256": "5FF644D83EAC95F8CEB25A74F2C4877D02E455F806099B37403C47D47339F56B",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-2024-38474",
"severity": "critical"
},
{
"id": "CVE-2024-38476",
"severity": "critical"
},
{
"id": "CVE-2024-38477",
"severity": "high"
}
],
"url": "https://177.70.28.25/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-14T07:02:10.155Z"
},
{
"port": 5000,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body_murmur": -1060095501,
"body_sha256": "52c1e7a2c36be28c42455fe1572d7d7918c3180cad99a2b82daa2a38a7e7bb23",
"content_length": 139,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"139"
],
"content_security_policy": [
"default-src 'none'"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Sat, 16 Aug 2025 13:10:09 GMT"
],
"unknown": [
{
"key": "keep_alive",
"value": [
"timeout=5"
]
}
],
"x_content_type_options": [
"nosniff"
]
},
"protocol": "HTTP/1.1",
"status_code": 404,
"title": "Error"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://e5.i.lencr.org/"
]
},
"authority_key_id": "9f2b5fcf3c214f9d04b7ed2b2cc4c6708bd2d70d",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://e5.c.lencr.org/67.crl"
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
},
"subject_alt_name": {
"dns_names": [
"thema.acessocloud.com"
]
},
"subject_key_id": "2d450a2de69069adb292bcc86dcfa76295340180"
},
"fingerprint_md5": "CC8874DCE701FCC914F5E08502AFB783",
"fingerprint_sha1": "3D4AEEBBE5239E84E68AB5726E965B468BDFD7B1",
"fingerprint_sha256": "5FF644D83EAC95F8CEB25A74F2C4877D02E455F806099B37403C47D47339F56B",
"issuer": {
"common_name": [
"E5"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"jarm": "27d27d27d00000000042d42d0000001f361a1bf80ed39a1e352adeb016a07b",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2025-08-25T12:49:49",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "601783916564711220046026203391740695954370",
"signature": {
"algorithm": {
"name": "ecdsa-with-SHA384",
"oid": "1.2.840.10045.4.3.3"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "7d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b8",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304402200ade1e7526841c88bc31f6cbde13d9361f527163f5e23f56cdb283cf3d3d664a0220573df9fa0013695181af33791845cd621490367a1acf0aafd123f0669f0db96b"
},
"timestamp": "2025-07-07T09:10:50.097000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100f805118142b9fb2fdd12da8061512dd4179a658a91c622d1e74841c9b89a499a022024a77e18837af92a88565dad29b847d57277314a3de981f4e7d70fc32a0dec83"
},
"timestamp": "2025-07-07T09:10:50.133000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"thema.acessocloud.com"
]
},
"subject_alt_name": {
"dns_names": [
"thema.acessocloud.com"
],
"extended_dns_names": [
{
"domain": "acessocloud",
"fld": "acessocloud.com",
"subdomain": "thema",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "ecdsa",
"dh": [],
"dsa": [],
"ecdsa": {
"b": "\"Zc65d8aa:93e7b3ebbdUv9886bce1d06b0ccSb0f6;ce<>'d2`K\"",
"curve": "p256",
"gx": "k17d1f2e1,BGf8bce6e5ca4@f2w03}81-eb3a0f4a19Ed898c296",
"gy": "Oe3Be2fe1a7f9b8ee7ebJ|0f9e16+ce3Wk1^cecbb6@h7bfQf5",
"length": 256,
"p": "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
"x": "35371006195986847873241095542952991118493522251462032728730162481729565120210",
"y": "115248433385165240131151802969265980439532523561529947257895163242942369549122"
},
"fingerprint_sha256": "cf4c8becd4e6d99ee44669cb61ec041235790f69f2cdee11e17b57bb90cf001b",
"key_algorithm": "Elliptic_curve_cryptography",
"rsa": []
},
"tbs_fingerprint": "fbbe5ae2b7a850ab5d83d53ae9cd9fd8b51e78b2ea415d8acc2f74d88e10f487",
"tbs_noct_fingerprint": "72dade2b67adb1d458ce6df7269107ab0aeca1791815943bc39ca176e55c11c2",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2025-10-05T08:12:19",
"not_before": "2025-07-07T08:12:20"
},
"version": 2
},
"fingerprint_sha256": "5FF644D83EAC95F8CEB25A74F2C4877D02E455F806099B37403C47D47339F56B",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://177.70.28.25:5000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-16T13:10:10.797Z"
},
{
"port": 5432,
"protocol": "tcp",
"name": "postgresql",
"version": "16.0 - 16.2",
"product": "PostgreSQL DB",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:postgresql:postgresql:16",
"part": "a",
"vendor": "postgresql",
"product": "postgresql",
"version": "16",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"postgres": {
"errors": [
{
"code": "0A000",
"file": "postmaster.c",
"line": "2145",
"message": "protocolo do cliente 255.255 não tem suporte: servidor suporta 3.0 a 3.0",
"routine": "ProcessStartupPacket",
"severity": "FATAL"
},
{
"code": "0A000",
"file": "postmaster.c",
"line": "2145",
"message": "protocolo do cliente 0.0 não tem suporte: servidor suporta 3.0 a 3.0",
"routine": "ProcessStartupPacket",
"severity": "FATAL"
},
{
"code": "0A000",
"file": "postmaster.c",
"line": "2145",
"message": "protocolo do cliente 0.0 não tem suporte: servidor suporta 3.0 a 3.0",
"routine": "ProcessStartupPacket",
"severity": "FATAL"
}
],
"is_ssl": true,
"supported_versions": "SFATAL\u0000VFATAL\u0000C0A000\u0000Mprotocolo do cliente 0.0 não tem suporte: servidor suporta 3.0 a 3.0\u0000Fpostmaster.c\u0000L2145\u0000RProcessStartupPacket"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"subject_alt_name": {
"dns_names": [
"themaveiculos"
]
},
"subject_key_id": "544b13ffd9bcb010d709c65c7f4022dc8fdcb34f"
},
"fingerprint_md5": "AD8FECA050D719981B8F9155CE715F07",
"fingerprint_sha1": "86458E099609D087D47A16ECB3636428569116FE",
"fingerprint_sha256": "E92DB06B3DBDE31328A2EFDA4C7BA3FC80A4047141F30462A36167E2E1DB900A",
"issuer": {
"common_name": [
"themaveiculos"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "128109111238029451096435928453100065507452812171",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true
},
"subject": {
"common_name": [
"themaveiculos"
]
},
"subject_alt_name": {
"dns_names": [
"themaveiculos"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "35aec248e9bb0511f92dcc561e44985d4c55a70b1fb30c88bf8309c5402df310",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "6a4b99cc006ce534ef9992205d2bf7b796504e987201598a47a1a2e45825205c",
"validation_level": "DV",
"validity": {
"length_seconds": 315360000,
"not_after": "2034-07-09T12:04:35",
"not_before": "2024-07-11T12:04:35"
},
"version": 2
},
"fingerprint_sha256": "E92DB06B3DBDE31328A2EFDA4C7BA3FC80A4047141F30462A36167E2E1DB900A",
"precert": false,
"tags": [
"dv",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-15T08:06:19.097Z"
}
],
"services_hash": "2fa33eae747c8b3bf9d2783f63e50f001650758f12c511e480fa3db53b430892",
"last_updated_at": "2025-08-16T13:10:10.797Z",
"banner": [
"postgres",
"tls",
"http"
],
"is_vuln": true,
"cveDetails": {
"CVE-2024-38474": {
"id": "CVE-2024-38474",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-116"
},
"CVE-2024-38476": {
"id": "CVE-2024-38476",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-829"
},
"CVE-2024-38477": {
"id": "CVE-2024-38477",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/10",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2024-40898": {
"id": "CVE-2024-40898",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2024/07/17/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240808-0006/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue. ",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-918"
}
}
}