Hostnames |
alpha.mockdown.cc 178-21-11-180.cloudvps.regruhosting.ru |
Domains | mockdown.cc regruhosting.ru |
Country | Russian Federation |
City | Moscow |
Organization | Reg.Ru Hosting |
ISP | "Domain names registrar REG.RU", Ltd |
ASN | AS197695 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | 7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-114127057 | 2024-04-13T08:57:59.09397422 / tcp
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCzCl+qnA4tckSOMTd/yDBRrLLbR/1o71LA+xgi445dY7HN KlSmnSBGK9GZub1/RrNkkYnuOZ2PoStB4vaHLbyMTl7s33jYBbEU1QaKk81CUYwx8d7SOUhjmz6c QE6CM+4jQBMYJDbbGvr6KgWbauXEFBopkEejj+R1xdjklYUEVEnEMDXVreZjvYSF+LeF9dy6vwP/ uSBbrtDR8FLutDSe9joFMSAUim+I+EQ7SVYoJ74IZLvUNaJQzwpA6H/vVr6qTK6G6ESEta4RFF+N d/iWSOrPCf2/jiSdV62rIbLsOzj2R21cTE9Fzsdfguqx/qEa/2DOWO7FqiB20izToON5GrIEePL4 MOmDvmjXGif9vTS2BIkriXv4UuZqMYyE48EPPnZsIGUiYPhaV3SCV17pu/JzB7Pr3FMqHeapaAOs YF9YGo3M9AZ3V5VOg9KDvUasflTdUFgaRBISrSOZuUAf7KkqthczVN3HBhnbLxy24ZVcZyw1B8P/ GCNv29rpNa8= Fingerprint: 63:34:e8:d6:55:5e:3e:5c:75:76:70:0c:9c:8c:f9:08 Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
677579724 | 2024-04-15T12:49:38.70418880 / tcp
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Mon, 15 Apr 2024 12:49:38 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive
-1705824772 | 2024-04-14T17:46:48.917013443 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 14 Apr 2024 17:46:48 GMT Content-Type: text/html Content-Length: 1745 Last-Modified: Mon, 18 Mar 2024 23:33:06 GMT Connection: keep-alive ETag: "65f8cf32-6d1" Accept-Ranges: bytes
Certificate: Data: Version: 3 (0x2) Serial Number: 03:2d:c2:ed:6f:04:62:a5:9e:4b:94:99:85:24:6f:6a:d2:2a Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R3 Validity Not Before: Jan 24 03:44:27 2023 GMT Not After : Apr 24 03:44:26 2023 GMT Subject: CN=alpha.mockdown.cc Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:83:0c:4a:e6:13:2c:18:20:05:bb:3a:83:77:e4: 88:f7:2d:7f:35:a5:4a:10:32:de:fa:d3:2d:de:e6: 25:04:45:fd:ba:31:1e:b2:84:b7:d0:55:8f:e9:ab: 4b:02:7e:ed:d4:5c:69:80:97:dc:e1:66:7a:7f:c1: 5a:d1:18:af:62:13:e1:62:4c:72:94:7d:ac:7c:a7: 11:90:96:79:a6:51:7f:96:e2:04:50:22:65:3d:ba: 8d:44:7e:7b:2f:4c:67:e4:91:81:a3:b0:dc:da:96: ad:ff:ec:87:54:fb:b3:d8:df:70:df:24:fb:25:c0: 01:83:07:6d:a6:67:c1:1c:8d:5d:c9:89:34:81:8e: e3:89:5f:23:d3:4a:76:f2:84:e7:e7:63:1c:ec:d4: c4:ed:a9:0f:37:23:dd:87:4c:b1:d1:5c:81:f6:2e: e2:b6:fa:fc:02:02:ac:22:9b:51:45:2c:a1:02:d2: 85:32:d2:01:70:66:97:4a:12:7d:c7:4d:b3:77:85: be:24:c0:2e:7c:41:bc:64:29:fb:54:88:e7:38:20: 0c:f8:c2:00:b7:ec:d3:ba:67:92:46:bd:ca:f5:20: bb:53:d3:b2:24:e2:ef:3d:2d:9e:15:5a:9c:25:fb: 27:74:94:f8:c2:53:69:05:58:39:e4:08:dc:51:83: 28:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 19:9F:AC:C9:F0:86:63:3C:BB:BB:64:0F:F2:2E:CA:7F:64:DE:0E:04 X509v3 Authority Key Identifier: 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:alpha.mockdown.cc X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84: 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52 Timestamp : Jan 24 04:44:27.664 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:4E:CB:8D:F0:46:29:84:2D:AA:36:C3:37: 9A:6B:D5:53:0C:5F:50:EE:62:37:99:15:BB:16:B7:16: ED:F5:EB:1C:02:20:57:44:86:35:22:F8:6C:A0:B9:B6: 76:01:39:F5:45:12:4A:B9:E7:C8:84:7A:52:F4:5F:8D: 2C:A0:D2:3B:18:0D Signed Certificate Timestamp: Version : v1 (0x0) Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9: 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E Timestamp : Jan 24 04:44:27.645 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:3B:D5:3B:E0:88:DF:48:4E:D8:D3:9D:BB: CE:45:44:50:32:47:46:EF:14:67:6E:79:EF:AF:F5:70: 5A:78:3C:D5:02:20:07:77:84:11:22:49:C1:E3:55:6C: 02:EB:6D:82:8F:53:AE:26:49:91:60:41:A7:61:51:B4: 84:EF:BE:85:54:A4 Signature Algorithm: sha256WithRSAEncryption Signature Value: a4:b6:59:61:01:ae:51:5c:eb:f8:cf:2d:af:b5:46:21:b2:f1: 7b:ad:8a:57:f9:6e:d2:bd:30:0f:f6:cd:68:7f:32:34:31:68: 25:ee:3d:63:35:f6:d4:dd:03:a1:af:94:05:49:5c:e9:d1:b1: 99:53:66:d0:1c:9f:45:b5:a8:7f:9e:7a:0b:9f:68:79:65:67: 9d:2f:cb:48:9a:29:79:ae:1a:0d:14:ca:4e:e6:cc:c8:60:78: b0:ef:45:e7:94:ba:6e:0a:78:17:a1:1c:b9:25:db:3a:ee:72: 13:35:73:3a:01:c3:9b:06:bc:ce:ba:2f:d0:b7:f4:e1:cf:79: 1c:0c:77:53:67:ac:f6:2d:40:8e:52:e4:f5:f7:a3:15:bb:01: b2:df:45:9a:ca:20:37:c6:28:51:6c:c9:31:bc:1d:fd:5e:29: 59:ab:c6:64:ef:0f:f5:9a:2e:5a:8e:84:2e:e2:dd:fb:f2:89: d0:ee:99:1f:5f:9c:36:37:a0:96:8d:17:33:04:5c:17:57:d9: bd:cd:f4:0c:6a:8e:8a:58:a2:76:df:5c:26:34:32:b5:60:e4: 78:32:cc:16:1c:00:fd:3f:41:21:85:9b:77:a3:33:09:48:c5: 7b:ad:cb:78:a2:d0:e7:5b:a8:54:9b:59:c9:b2:34:4e:83:ad: fa:c5:e0:23
872050565 | 2024-04-15T09:38:14.0942101337 / tcp
HTTP/1.1 200 OK Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer Vary: Origin Content-Type: text/html; charset=utf-8 X-Powered-By: Strapi <strapi.io> Date: Mon, 15 Apr 2024 09:38:06 GMT Connection: keep-alive Keep-Alive: timeout=5 Transfer-Encoding: chunked e13 <!doctype html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>Welcome to your Strapi app</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="robots" content="noindex, nofollow"> <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" /> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" /> <style> *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}} </style> </head> <body lang="en"> <section class="wrapper"> <h1><img class="logo" src="https://api-dev.mockdown.cc/assets/images/logo_login.png" /></h1> <div class="informations"> <div> <span class="environment">development</span> <p> The server is running successfully (<strong>v0.1.0)</strong> </p> </div> <div class="text-align-right"> <p>Mon, 15 Apr 2024 09:38:06 GMT</p> <a class="cta cta-primary" href="https://api-dev.mockdown.cc/admin" target="_blank" title="Click to open the administration" ><i class="fas fa-external-link-alt"></i>Open the administration</a> </div> </div> </section> </body> </html> 0
2092457332 | 2024-04-05T19:10:52.4792433306 / tcp
MySQL: Protocol Version: 10 Version: 8.0.28-0ubuntu0.20.04.3 Capabilities: 65535 Server Language: 255 Server Status: 2 Extended Server Capabilities: 57343 Authentication Plugin: caching_sha2_password
-734996185 | 2024-04-19T12:04:07.52757410000 / tcp
HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 19 Apr 2024 12:04:07 GMT Content-Type: text/html; charset=utf-8 Content-Length: 47 Connection: keep-alive Vary: Accept-Encoding Location: /builder X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.budibase.net https://cdn.budi.live https://js.intercomcdn.com https://widget.intercom.io; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com https://rsms.me https://maxcdn.bootstrapcdn.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.budibase.net https://api-iam.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://app.posthog.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.us-east-2.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-west-2.amazonaws.com https://*.s3.af-south-1.amazonaws.com https://*.s3.ap-east-1.amazonaws.com https://*.s3.ap-southeast-3.amazonaws.com https://*.s3.ap-south-1.amazonaws.com https://*.s3.ap-northeast-3.amazonaws.com https://*.s3.ap-northeast-2.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://*.s3.ap-southeast-2.amazonaws.com https://*.s3.ap-northeast-1.amazonaws.com https://*.s3.ca-central-1.amazonaws.com https://*.s3.cn-north-1.amazonaws.com https://*.s3.cn-northwest-1.amazonaws.com https://*.s3.eu-central-1.amazonaws.com https://*.s3.eu-west-1.amazonaws.com https://*.s3.eu-west-2.amazonaws.com https://*.s3.eu-south-1.amazonaws.com https://*.s3.eu-west-3.amazonaws.com https://*.s3.eu-north-1.amazonaws.com https://*.s3.sa-east-1.amazonaws.com https://*.s3.me-south-1.amazonaws.com https://*.s3.us-gov-east-1.amazonaws.com https://*.s3.us-gov-west-1.amazonaws.com https://api.github.com; font-src 'self' data: https://cdn.jsdelivr.net https://fonts.gstatic.com https://rsms.me https://maxcdn.bootstrapcdn.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https:; img-src http: https: data: blob:; manifest-src 'self'; media-src 'self' https://js.intercomcdn.com https://cdn.budi.live; worker-src 'none'; Redirecting to <a href="/builder">/builder</a>.
-795948505 | 2024-04-14T20:18:18.72816333060 / tcp
MySQL X Protocol: tls: False authentication.mechanisms: MYSQL41 SHA256_MEMORY doc.formats: text client.interactive: False compression: algorithm: deflate_stream lz4_message zstd_stream node_type: mysql client.pwd_expire_ok: False