GeneralInformation

Hostnames	fs.sdc2.glbservers.com fs2.sdc2.glbservers.com
Domains	glbservers.com
Country	Netherlands
City	Amsterdam
Organization	Switch Datacenters Amsterdam 1 B.V.
ISP	Switch Datacenters Amsterdam 1 B.V.
ASN	AS205644
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

589765266 | 2024-04-08T15:30:39.076785

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 08 Apr 2024 15:30:38 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://185.68.182.35/

869281729 | 2024-04-03T12:50:09.437066

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 03 Apr 2024 12:50:09 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:60:2b:98:cf:88:1f:4b:bd:82:36:f8:33:bb:3c:a1:12:24
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Jan 25 08:33:48 2024 GMT
            Not After : Apr 24 08:33:47 2024 GMT
        Subject: CN=*.jc.wstream12.glbservers.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:e7:92:3c:f7:d7:0b:44:eb:8e:db:5e:51:84:b9:
                    a8:f9:83:28:45:48:30:61:12:97:f4:3f:98:5f:a6:
                    fa:64:65:93:15:9c:7f:2e:a6:07:bd:d3:16:d6:f8:
                    07:74:25:68:58:fe:b4:83:df:de:ba:85:01:82:9c:
                    b9:6c:ca:52:47
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                76:E4:F7:A2:A7:E1:47:B2:AD:C7:23:8F:FA:C6:B5:CF:FD:4E:BB:3E
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.adult-dating.jc.wstream12.glbservers.com, DNS:*.adult-dating.jw.wstream12.glbservers.com, DNS:*.adult-dating.km.wstream12.glbservers.com, DNS:*.adult-dating.mk.wstream12.glbservers.com, DNS:*.adult-dating.pw.wstream12.glbservers.com, DNS:*.adult-dating.sn.wstream12.glbservers.com, DNS:*.adult-dating.yn.wstream12.glbservers.com, DNS:*.ar.wstream12.glbservers.com, DNS:*.ew.wstream12.glbservers.com, DNS:*.jc.wstream12.glbservers.com, DNS:*.jw.wstream12.glbservers.com, DNS:*.km.wstream12.glbservers.com, DNS:*.mainstream-dating.jc.wstream12.glbservers.com, DNS:*.mk.wstream12.glbservers.com, DNS:*.pw.wstream12.glbservers.com, DNS:*.sn.wstream12.glbservers.com, DNS:*.yn.wstream12.glbservers.com, DNS:fs.sdc2.glbservers.com, DNS:fs2.sdc2.glbservers.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jan 25 09:33:48.877 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F4:99:69:51:AA:B8:2E:82:C6:C4:52:
                                BF:E1:4E:01:3A:91:8A:2D:18:07:C5:51:EE:5F:E0:F4:
                                F1:72:4F:D9:DF:02:21:00:E3:64:78:26:CB:E8:7D:F4:
                                28:73:49:7A:13:78:5D:A7:E4:ED:F7:AF:D2:08:2B:7A:
                                D2:09:BF:96:6C:FC:C3:E4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Jan 25 09:33:48.965 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:67:29:5A:73:69:78:C0:1E:0B:F9:A0:DD:
                                14:A0:6D:A5:28:57:36:C9:6F:BA:C9:CC:5D:14:04:34:
                                D6:F8:37:6F:02:20:7B:71:83:AC:5C:E4:05:B1:2F:8E:
                                39:D8:26:B6:0B:03:FA:83:CD:A1:41:7E:A9:9D:1D:EC:
                                DE:A2:60:B4:76:75
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        07:f0:80:c1:aa:b5:15:e0:3e:b8:24:b3:b6:77:16:d8:c7:78:
        20:f5:80:d6:c1:b1:d0:49:58:4a:70:5c:41:b1:ac:09:0f:b0:
        48:43:7f:0e:b3:a8:4c:c4:71:48:a5:6f:fd:fa:66:6f:15:66:
        55:d1:32:1a:38:65:ad:a2:d2:b7:91:91:e5:ec:27:3e:f2:bc:
        bd:5b:e5:ef:26:9a:cc:a7:ab:46:d8:12:b7:2d:3d:a0:14:4a:
        24:b9:f1:15:cc:e1:89:6f:80:20:e8:5f:7d:cc:27:f6:50:4d:
        bb:a1:95:ce:05:ea:c5:c7:c2:1c:66:8e:5d:4e:68:6c:56:61:
        3c:49:69:f4:74:56:f9:4e:aa:c6:94:b9:3d:36:b7:a8:c6:3e:
        4c:79:56:8d:64:97:75:8e:94:83:7d:26:2a:98:be:4a:7b:44:
        26:eb:b2:92:55:96:20:f8:63:17:aa:3f:ef:4b:e3:4e:dc:5c:
        39:8e:d6:eb:0e:47:e4:3f:82:ae:cf:e5:4f:0b:1e:30:d3:24:
        60:ac:bc:c4:fc:41:28:db:02:a1:da:40:56:41:68:4b:a0:fb:
        ba:4c:66:6c:6e:4d:1e:75:1d:40:c6:9b:32:73:16:74:e9:e9:
        e0:0a:52:6c:7f:b4:fd:f0:33:ad:c9:6c:89:4c:14:c2:db:e3:
        4d:5c:6a:aa

185.68.182.35

Last Seen: 2024-04-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

589765266 | 2024-04-08T15:30:39.076785
80 / tcp

nginx1.18.0

869281729 | 2024-04-03T12:50:09.437066
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

185.68.182.35

Last Seen: 2024-04-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

589765266 | 2024-04-08T15:30:39.076785 80 / tcp

nginx1.18.0

869281729 | 2024-04-03T12:50:09.437066 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

589765266 | 2024-04-08T15:30:39.076785
80 / tcp

869281729 | 2024-04-03T12:50:09.437066
443 / tcp