Hostnames | cluster3.galaxyprotect.net, mc.stormhvh.su, connect.techcube.pw |
Domains | galaxyprotect.net, stormhvh.su, techcube.pw |
Country | Russian Federation |
City | Moscow |
Organization | RS-Media LLC |
ISP | RS-Media LLC |
ASN | AS197309 |
Operating System | Ubuntu |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 5.8 | ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 6.8 | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-635325516 | 2024-04-27T22:53:50.375451 | 80 / tcp
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 27 Apr 2024 22:53:50 GMT
Content-Type: text/html
Content-Length: 1611
Last-Modified: Mon, 01 Apr 2024 10:40:20 GMT
Connection: keep-alive
ETag: "660a8f14-64b"
Accept-Ranges: bytes
869281729 | 2024-04-25T07:04:54.403891 | 443 / tcp
HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 07:04:54 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive
-1916357745 | 2024-04-05T08:19:58.165271 | 8443 / tcp
HTTP/1.1 401 Unauthorized
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Accept-Encoding, Authorization, Cache-Control, Content-Type, Content-Length, Origin, X-Real-IP, X-CSRF-Token
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://mc-panel.xanikeo.eu
Access-Control-Max-Age: 7200
Content-Type: application/json; charset=utf-8
Www-Authenticate: Bearer
X-Request-Id: 03063e9a-d14d-461a-99f8-892a0b4cae64
Date: Fri, 05 Apr 2024 08:19:58 GMT
Content-Length: 77
-436167079 | 2024-04-15T18:51:07.916166 | 9100 / tcp
HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request

Prometheus Node Exporter:
  node_exporter_build_info:
    branch: debian/sid
    goversion: go1.18.1
    revision: 1.3.1-1ubuntu0.22.04.2
    version: 1.3.1
  node_os_info:
    id: ubuntu
    id_like: debian
    name: Ubuntu
    pretty_name: Ubuntu 22.04.4 LTS
    version: 22.04.4 LTS (Jammy Jellyfish)
    version_codename: jammy
    version_id: 22.04
  node_uname_info:
    domainname: (none)
    machine: x86_64
    nodename: DELTON-W8RG02WOMVWNDTBY
    release: 5.15.0-102-generic
    sysname: Linux
    version: #112-Ubuntu SMP Tue Mar 5 16:50:32 UTC 2024
  node_dmi_info:
    bios_date: 10/26/2022
    bios_release: 5.17
    bios_vendor: American Megatrends Inc.
    bios_version: P7.40
    board_name: B450M Pro4-F
    board_vendor: ASRock
    chassis_asset_tag: To Be Filled By O.E.M.
    chassis_vendor: To Be Filled By O.E.M.
    chassis_version: To Be Filled By O.E.M.
    product_family: To Be Filled By O.E.M.
    product_name: B450M Pro4-F
    product_sku: To Be Filled By O.E.M.
    product_version: To Be Filled By O.E.M.
    system_vendor: To Be Filled By O.E.M.
  node_nvme_info:
    nvme0:
      device: nvme0
      firmware_revision: 002C
      model: INTEL SSDPEKNU512GZ
      serial: PHKA22500D0G512A
      state: live
  node_network_info:
    lo:
      address: 00:00:00:00:00:00
      broadcast: 00:00:00:00:00:00
      device: lo
      operstate: unknown
    docker0:
      address: 02:42:c5:d9:1d:10
      broadcast: ff:ff:ff:ff:ff:ff
      device: docker0
      duplex: unknown
      operstate: down
    pterodactyl0:
      address: 02:42:85:98:be:8f
      broadcast: ff:ff:ff:ff:ff:ff
      device: pterodactyl0
      duplex: unknown
      operstate: down
    enp5s0:
      address: a8:a1:59:19:df:4f
      broadcast: ff:ff:ff:ff:ff:ff
      device: enp5s0
      duplex: full
      operstate: up