GeneralInformation

Hostnames	revoluterra.ru
Domains	revoluterra.ru
Country	Russian Federation
City	Saint Petersburg
Organization	Selectel Network
ISP	OOO "Network of data-centers "Selectel"
ASN	AS49505

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 22 80 123 443 4000 4444 8888 10000

395016270 | 2024-04-20T08:05:40.282009

21 / tcp

220 ProFTPD Server (Debian) [::ffff:185.192.111.18]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
214-ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
214-STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
214-REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@Richmann
211-Features:
211-CLNT
211-EPRT
211-EPSV
211-HOST
211-LANG en-US.UTF-8*;en-US;ru-RU.UTF-8;ru-RU
211-MDTM
211-MFF modify;UNIX.group;UNIX.mode;
211-MFMT
211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
211-REST STREAM
211-SITE COPY
211-SITE MKDIR
211-SITE RMDIR
211-SITE SYMLINK
211-SITE UTIME
211-SIZE
211-TVFS
211-UTF8
211 End

-2060889568 | 2024-04-24T20:02:05.374338

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDz5nesJNEOVU1SAaPuY9CV4E5A5zFmJHgi1RtyMP6j1+MC
Wvlffq1nN5JH2d+mA4Hg0iWfHsSai0JOlxb2GNaHn/c5u3Lh/5f2Ulv9cTxecZZUOu8hExmvRrhT
1uSjKP8dHQyNPeLr2sIbKTvfZ2yMal1i1gRqBkoWYm+J/dXh4eHCXamGH6vPRmTUtenoOdhpgmUY
W5OBCMxmNKG6olsm8UMkBn2qJKt3y2JRMv/2T+pcugBI/k8QCZUikEcDkVYwAGozHImJhl6Qd/sI
2hN5UhGvoNythvg0gx34kIsOrHHQzR0JH4XJTH5Oj3z0Nd9j4Mdj91D9ayM/KjOdgJgjgVDXcNA0
0hBa2HWeVEEXLud/GNG05222QzjPxohlcm0dNP2hqHM/LTNya/nhgeyGTUsPpHL0d0b9kP5NUm09
ACIqBCIYrOomeLO819sFNLwrnSpuGpaQKc2OYA7HrnGYQ/gNAa4MLIlmfKUPmv3s6nzm6ge3+OJC
Vo5Rx4HLo58=
Fingerprint: 5c:50:4f:f4:5e:18:13:7d:fa:55:db:f2:a4:1b:17:7e

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1845118841 | 2024-05-07T21:53:07.608386

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 21:53:09 GMT
Content-Type: text/html
Content-Length: 10918
Last-Modified: Thu, 17 Dec 2020 12:41:57 GMT
Connection: keep-alive
ETag: "5fdb5215-2aa6"
Accept-Ranges: bytes

-429215332 | 2024-04-23T12:23:26.559108

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -24
rootdelay: 0.0162658691406
rootdisp: 207.555160522
refid: 3160215571
reftime: 3909027953.28
poll: 3

-1640037684 | 2024-04-26T07:00:59.980393

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 07:01:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 66734
Last-Modified: Tue, 22 Aug 2023 08:50:59 GMT
Connection: keep-alive
ETag: "64e476f3-104ae"
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:74:54:c0:46:68:05:fc:c2:a0:33:a9:87:4d:ca:91:6a:10
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 20 21:05:53 2024 GMT
            Not After : Jun 18 21:05:52 2024 GMT
        Subject: CN=revoluterra.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:e1:7f:96:f7:ee:f4:4e:4e:55:5d:da:9d:05:
                    8d:ea:28:b5:fd:4f:b4:9a:a2:06:81:88:48:8a:b5:
                    fe:53:2d:91:d8:40:93:ed:27:5b:55:30:08:aa:02:
                    7a:cc:7e:87:5c:6c:a3:a8:25:42:2c:69:1b:59:1a:
                    ce:50:a0:1f:36:34:38:7f:0d:e3:f4:dc:f6:87:ff:
                    77:3a:67:4b:95:23:4c:dc:79:29:5b:f5:fb:f7:ff:
                    ef:3b:d2:8f:96:96:5e:cd:b1:3b:05:c0:e6:bf:54:
                    cc:c0:98:e3:c5:e5:30:21:00:e6:54:10:97:32:8c:
                    b5:28:37:a4:b1:b9:f3:0d:a0:49:7c:ff:8c:94:88:
                    7a:36:f1:26:3a:90:61:bc:ee:7b:c9:c8:71:d9:8f:
                    29:71:9c:7e:3f:72:a6:fc:f5:5e:74:bb:f9:d4:81:
                    6f:84:5c:39:8e:39:85:79:09:d6:64:8f:13:e9:7d:
                    dd:e7:90:65:89:f8:81:5f:2f:dc:59:63:30:a6:0f:
                    27:66:ef:27:5b:fc:cd:3c:6f:b7:60:69:f4:5d:81:
                    9e:cf:a8:da:37:e1:8a:be:52:20:3f:52:15:0f:a8:
                    80:be:dc:4f:89:c5:fd:b8:27:ef:12:f6:9b:d3:94:
                    e2:f8:cd:8a:95:b3:a0:b0:71:8f:97:30:86:17:0e:
                    c4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9B:37:7F:58:DD:CD:01:3B:AD:7F:00:2A:7E:6F:FB:96:BE:02:40:51
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:revoluterra.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 20 22:05:53.208 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:47:B7:B2:17:87:6F:33:34:95:AC:0E:66:
                                0C:4D:B5:DA:19:96:50:E5:25:71:17:34:DF:5E:6F:30:
                                77:CA:2C:AE:02:20:5D:9F:19:35:25:E6:09:73:07:3B:
                                2D:AB:EE:A3:D7:AE:B4:C2:B5:BC:87:83:F1:5E:2C:B7:
                                EA:74:49:12:8F:77
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 20 22:05:53.206 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B7:50:CB:79:19:DE:DE:8E:7B:29:D9:
                                A8:7A:C1:CE:13:2F:01:9E:86:97:5B:26:45:C0:46:AB:
                                11:3D:8F:C7:06:02:20:53:EE:40:C1:D1:D1:A1:05:A2:
                                6C:80:96:09:2E:0E:5A:21:AF:48:72:10:19:4E:EA:E9:
                                46:26:29:9D:B3:3C:56
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5d:04:4b:86:e8:1d:e3:6d:c1:7c:ca:99:15:56:66:62:84:c2:
        8a:83:5d:66:54:a8:5b:05:99:52:32:31:e5:01:97:d8:84:2a:
        e1:b1:4b:0a:04:8c:73:a6:f4:f3:8d:57:7d:91:eb:ce:6b:33:
        c9:07:b7:da:0a:1a:b1:a0:48:fd:59:d0:3b:9f:6c:e8:46:23:
        b6:64:c0:0a:19:88:5d:3d:d7:56:a6:e3:6c:8e:93:94:a0:a9:
        19:93:a1:60:11:b5:cf:5e:b5:18:fa:e8:31:f3:19:c3:72:8d:
        75:54:aa:39:0e:3b:2d:9e:c3:a2:7a:2f:f6:43:16:2e:f6:a7:
        84:dc:47:9e:c0:9b:2e:49:fc:ba:89:d5:af:f4:d3:7b:5f:00:
        4c:f7:9f:43:a7:27:ef:8d:db:28:42:3d:30:eb:7c:9a:89:9d:
        5f:10:0c:de:cc:e1:90:37:71:8a:8c:1e:30:05:d1:d9:e5:14:
        a0:ae:4c:3c:d4:48:3f:59:9c:a8:a4:1d:ed:d7:f0:bb:1d:b2:
        54:85:80:5d:13:22:3c:2f:77:93:45:98:21:9b:f3:34:0c:5b:
        38:63:73:8f:09:ea:14:71:f1:8b:4f:c0:b4:80:6c:07:06:d0:
        07:e7:48:da:47:15:69:10:27:45:42:fb:ed:d5:be:bf:9a:07:
        4d:70:ce:1c

1167067452 | 2024-04-20T01:27:33.682007

4000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 20 Apr 2024 01:27:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 166
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

-1865390214 | 2024-05-06T01:13:31.733117

4444 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
date: Mon, 06 May 2024 01:13:33 GMT

1f58
<!doctype html>
<html class="theme-light">
<!--
Illuminate\Encryption\MissingAppKeyException: No application encryption key has been specified. in file /opt/local-relink/vendor/laravel/framework/src/Illuminate/Encryption/EncryptionServiceProvider.php on line 79

#0 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Support/helpers.php(263): Illuminate\Encryption\EncryptionServiceProvider-&gt;Illuminate\Encryption\{closure}()
#1 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Encryption/EncryptionServiceProvider.php(81): tap()
#2 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Encryption/EncryptionServiceProvider.php(60): Illuminate\Encryption\EncryptionServiceProvider-&gt;key()
#3 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Encryption/EncryptionServiceProvider.php(32): Illuminate\Encryption\EncryptionServiceProvider-&gt;parseKey()
#4 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(826): Illuminate\Encryption\EncryptionServiceProvider-&gt;Illuminate\Encryption\{closure}()
#5 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(712): Illuminate\Container\Container-&gt;build()
#6 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(826): Illuminate\Container\Container-&gt;resolve()
#7 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(651): Illuminate\Foundation\Application-&gt;resolve()
#8 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(811): Illuminate\Container\Container-&gt;make()
#9 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(980): Illuminate\Foundation\Application-&gt;make()
#10 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(900): Illuminate\Container\Container-&gt;resolveClass()
#11 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(861): Illuminate\Container\Container-&gt;resolveDependencies()
#12 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(712): Illuminate\Container\Container-&gt;build()
#13 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(826): Illuminate\Container\Container-&gt;resolve()
#14 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Container/Container.php(651): Illuminate\Foundation\Application-&gt;resolve()
#15 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(811): Illuminate\Container\Container-&gt;make()
#16 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(156): Illuminate\Foundation\Application-&gt;make()
#17 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline-&gt;Illuminate\Pipeline\{closure}()
#18 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Routing/Router.php(695): Illuminate\Pipeline\Pipeline-&gt;then()
#19 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Routing/Router.php(670): Illuminate\Routing\Router-&gt;runRouteWithinStack()
#20 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Routing/Router.php(636): Illuminate\Routing\Router-&gt;runRoute()
#21 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Routing/Router.php(625): Illuminate\Routing\Router-&gt;dispatchToRoute()
#22 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(166): Illuminate\Routing\Router-&gt;dispatch()
#23 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel-&gt;Illuminate\Foundation\Http\{closure}()
#24 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline-&gt;Illuminate\Pipeline\{closure}()
#25 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TransformsRequest-&gt;handle()
#26 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline-&gt;Illuminate\Pipeline\{closure}()
#27 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TransformsRequest-&gt;handle()
#28 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline-&gt;Illuminate\Pipeline\{closure}()
#29 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize-&gt;handle()
#30 /opt/local-relink/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pip

1651973090 | 2024-04-12T05:24:06.826236

8888 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 12 Apr 2024 05:24:09 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 14:09:01 GMT
Connection: keep-alive
ETag: "5e9efe7d-264"
Accept-Ranges: bytes

1124643627 | 2024-05-09T01:17:26.299428

10000 / tcp

HTTP/1.1 403 Forbidden
Accept-Ranges: bytes
Content-Length: 226
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Server: MinIO
Vary: Origin
X-Amz-Request-Id: 17CDAD2E699CFA6F
X-Xss-Protection: 1; mode=block
Date: Thu, 09 May 2024 01:17:27 GMT

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Resource>/</Resource><RequestId>17CDAD2E699CFA6F</RequestId><HostId>5d2ff3f7-5cf7-489a-a127-552c926b3db5</HostId></Error>

185.192.111.18

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

395016270 | 2024-04-20T08:05:40.282009
21 / tcp

-2060889568 | 2024-04-24T20:02:05.374338
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.1

1845118841 | 2024-05-07T21:53:07.608386
80 / tcp

nginx1.18.0

-429215332 | 2024-04-23T12:23:26.559108
123 / udp

-1640037684 | 2024-04-26T07:00:59.980393
443 / tcp

nginx1.18.0

1167067452 | 2024-04-20T01:27:33.682007
4000 / tcp

nginx1.18.0

-1865390214 | 2024-05-06T01:13:31.733117
4444 / tcp

nginx1.18.0

1651973090 | 2024-04-12T05:24:06.826236
8888 / tcp

nginx1.18.0

1124643627 | 2024-05-09T01:17:26.299428
10000 / tcp

MinIO Server

Products

Pricing

Contact Us

185.192.111.18

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

395016270 | 2024-04-20T08:05:40.282009 21 / tcp

-2060889568 | 2024-04-24T20:02:05.374338 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.1

1845118841 | 2024-05-07T21:53:07.608386 80 / tcp

nginx1.18.0

-429215332 | 2024-04-23T12:23:26.559108 123 / udp

-1640037684 | 2024-04-26T07:00:59.980393 443 / tcp

nginx1.18.0

1167067452 | 2024-04-20T01:27:33.682007 4000 / tcp

nginx1.18.0

-1865390214 | 2024-05-06T01:13:31.733117 4444 / tcp

nginx1.18.0

1651973090 | 2024-04-12T05:24:06.826236 8888 / tcp

nginx1.18.0

1124643627 | 2024-05-09T01:17:26.299428 10000 / tcp

MinIO Server

Products

Pricing

Contact Us

395016270 | 2024-04-20T08:05:40.282009
21 / tcp

-2060889568 | 2024-04-24T20:02:05.374338
22 / tcp

1845118841 | 2024-05-07T21:53:07.608386
80 / tcp

-429215332 | 2024-04-23T12:23:26.559108
123 / udp

-1640037684 | 2024-04-26T07:00:59.980393
443 / tcp

1167067452 | 2024-04-20T01:27:33.682007
4000 / tcp

-1865390214 | 2024-05-06T01:13:31.733117
4444 / tcp

1651973090 | 2024-04-12T05:24:06.826236
8888 / tcp

1124643627 | 2024-05-09T01:17:26.299428
10000 / tcp