GeneralInformation

Hostnames	panel.creativecube.media static.87.53.4.46.clients.your-server.de
Domains	creativecube.media your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 2022 3306 25565

1152890161 | 2024-05-10T22:17:57.407098

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDSUmoTPjVEE8xfBbQYwqsc1opca3OQADFI4iIgJrl4nGDi
8WwiKruDugFwM/FEvOEyLIZ/d2sBIe+X3UBzPFiBkc8l6cyohSHPVIkB3YqaApogdEFAcHEXTB0n
daJrgGtm5/Gey1uAdsoDw1qRXYQN1FHd9VwuVs5SzHHyi+4Dm1IRPXi64+harLnDxKiSqClPNh/l
kGKmvH/r87y8MNzFgg6SsC1o43r0zb3uk6tr/2kXkWwa2X4NQiH1kg9LYorS/Yy31r3lBzttH0XL
3LiOBAzkfarCn5KforzPMmQPU+ovH37LBjnLoHL+Vs82BFiPB66pOibc8QcVHU+CIszuqj5EYOqo
X3xuNP0only+QVT/bLcLlt2PyaHlNxaN2GmZNXy6p2oPnvPGmlgMausO01QGnZ9dXKRLblUYVdhQ
0TuAQi5aFlb32GB7cugOwKDI8ocvgGN4mdxshcruk7H//fkdbi/N8Vc8UvR6d8hKhm9xXO7oVi1Y
xeD3hmW74T8=
Fingerprint: 8d:80:64:44:64:f9:a5:5e:14:f8:9a:50:16:c9:10:cf

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-05-12T20:07:18.472605

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 12 May 2024 20:07:18 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

-1472263007 | 2024-05-05T19:36:56.919093

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sun, 05 May 2024 19:36:56 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6InVFQ0M3OS95SW9jMGZPMTBXaDVTTEE9PSIsInZhbHVlIjoialVWTGJPc2lFSHNpTkk0ei9IamVHUE41VnlPQlJuamNnMC93Qm1ka3g4cGZaZ0dYSWpjaXhQQ2NscGdOc2IzK0pzVTF6ZmU2c3RtUmZwOXZYSG1HeG9hNDl3ZkF1enNMcGV3R1orR2VhMVJwWFc4Znk1UlFpYVd1OEN3MUxuYXoiLCJtYWMiOiJlZGQwMGM2YWMzMDNiMDhhMDE2MjAyNDkzNjM1ZjAxMWIzY2E3MWVmNDdiMjU5MjQwYmRlNzgwYmI1M2QzZTQzIiwidGFnIjoiIn0%3D; expires=Mon, 06 May 2024 07:36:56 GMT; Max-Age=43200; path=/; secure; samesite=lax
Set-Cookie: pterodactyl_session=eyJpdiI6IllXeVpPYlI3aWQyR1pqNXNmak5lOWc9PSIsInZhbHVlIjoiQm0rQWFrR05jTzBFbWJRbXdzRTFxdXNOSnk4R0czd3hPd21PdSt1S1B0OWIvTlkrUlJBSzhVR0NWZisvZkxnUzF0YTJBcGxHRjAvL0dtMmlCa1V2bzkwc2ZYU1RWc2xjSXZ6bDNFazJpdGRxenBKSTdzeWpaU2M1R202UEh4bmYiLCJtYWMiOiIyYzMzZjg5MTIzZjJmY2Q1NTZlOTI0NjYyZWY4MWIwYTMyZjU1ZmMzMjVkYjM4MTU4MmFhOGM0N2Y4YzA0YzZiIiwidGFnIjoiIn0%3D; expires=Mon, 06 May 2024 07:36:56 GMT; Max-Age=43200; path=/; secure; httponly; samesite=lax

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:e9:f6:f5:79:ef:30:38:6e:c6:90:8c:dd:07:6f:ff:87:0c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 30 19:22:36 2024 GMT
            Not After : Jun 28 19:22:35 2024 GMT
        Subject: CN=panel.creativecube.media
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d6:15:2f:4e:83:07:be:4f:d1:29:fe:a6:c3:fa:
                    0f:db:da:92:cb:db:01:38:54:f8:7a:81:66:b4:b5:
                    a4:2f:10:f6:9d:60:b5:b4:ac:c1:d3:90:74:b5:52:
                    26:69:56:3b:fe:2b:3b:33:a3:72:3d:73:6b:8b:21:
                    bb:da:c8:32:24:48:16:63:8f:94:43:07:20:ac:c4:
                    28:7d:e1:3b:8e:70:1c:d0:9b:b2:d3:aa:b4:17:ec:
                    05:2e:f6:70:2e:05:6a:59:f7:44:6a:83:92:50:cc:
                    c9:fc:f3:c6:15:f2:aa:80:22:ad:d0:6a:76:7c:39:
                    a6:8c:13:e5:e1:51:55:58:ae:88:ac:ba:81:9a:06:
                    19:db:7e:9e:da:6b:eb:1c:18:94:07:c5:f7:d0:8a:
                    6f:10:75:6b:0f:09:84:2a:91:81:d6:52:71:37:87:
                    81:bd:86:7f:92:d3:70:80:4f:cd:a8:11:1b:bd:6e:
                    a7:9b:86:3e:fe:6e:80:c9:4b:47:86:48:e3:74:99:
                    32:64:43:71:3d:9a:3d:f0:4e:bc:0f:91:58:c8:cc:
                    4a:4d:cb:0a:d9:0d:62:d9:1e:e5:c3:12:f0:cc:12:
                    02:d0:2c:39:14:34:ab:9c:b2:2d:4f:b2:46:78:c2:
                    f8:68:de:59:2f:2f:e2:82:67:2f:ae:31:3b:99:cf:
                    4a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                5A:F8:9F:24:12:30:45:40:A5:A3:A1:C7:5E:25:01:A7:A3:A5:06:D9
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:panel.creativecube.media
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Mar 30 20:22:36.704 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:4F:B4:C8:77:B0:A7:6F:C0:A3:EC:82:BD:
                                E7:BB:2C:31:12:65:27:C0:31:68:EE:6A:C0:4E:B1:12:
                                5A:A9:49:99:02:21:00:C0:13:B3:38:61:68:F1:A4:D2:
                                10:52:AF:FE:31:E1:63:7D:26:C5:CE:2D:EF:8E:64:6D:
                                03:B7:F8:64:88:85:24
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 30 20:22:36.711 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:32:A4:4A:9A:1D:F8:71:FC:0C:71:82:ED:
                                ED:49:CB:E1:50:6A:FB:09:A4:0D:F7:48:9F:2D:E8:50:
                                D0:6B:82:38:02:20:61:5A:4C:49:24:01:38:99:C1:92:
                                EF:25:70:14:F8:F9:C3:D2:74:BB:B2:D9:3F:DB:9D:E9:
                                E2:ED:93:41:2A:58
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        91:f4:36:7b:a7:c4:98:18:bf:0c:24:57:53:32:32:6f:1d:f2:
        c5:80:97:27:4b:8c:15:aa:63:12:fa:f7:17:65:ce:2b:7c:8a:
        05:ba:d5:7b:93:63:5b:be:8f:9c:cf:73:52:64:82:04:aa:eb:
        d1:29:78:14:dd:c9:9e:78:dd:02:a1:58:4b:b2:9a:df:da:a3:
        27:f7:a8:e7:d4:f4:80:bd:d4:0f:e7:22:96:eb:bd:36:19:d3:
        77:8a:e0:36:5e:e7:00:52:8a:c2:94:62:6d:43:e9:b7:6c:eb:
        b9:57:b9:ce:a8:86:23:70:3d:f8:1d:07:c9:92:45:c2:60:08:
        7e:0c:4b:a9:97:8b:2e:5b:77:eb:9e:58:d1:2a:f7:cb:c6:79:
        9b:42:ae:f6:ae:67:dd:4e:bf:b2:d7:23:57:ed:56:37:fe:52:
        c2:90:a8:11:7d:92:16:f7:1b:12:47:14:4e:17:96:47:94:98:
        85:f9:67:6d:a1:45:92:8c:1b:ef:4f:5c:e4:1e:c0:c6:67:5f:
        2c:fc:3f:65:70:f1:a5:43:f3:55:64:22:db:c3:e4:90:22:f5:
        4c:45:df:9c:29:98:b4:3e:38:8c:f8:65:d9:14:ed:7d:a6:05:
        99:a4:df:24:41:80:e1:61:cb:5d:20:b9:3b:8b:f3:b0:b0:c7:
        c7:38:9f:f2

-1923918626 | 2024-05-06T06:48:00.885692

2022 / tcp

SSH-2.0-Go\r\n

1430148213 | 2024-05-11T02:48:12.613592

3306 / tcp

MariaDB:
  Error Message: Host '224.195.177.0' is not allowed to connect to this MariaDB server
  Error Code: 1130

143211241 | 2024-05-01T15:32:40.101540

25565 / tcp

Minecraft Server:
  Version: 1.20.4 (Protocol 765)
  Description: §f§lCUBE §a§lSMP
  Online Players: 0
  Maximum Players: 20

46.4.53.87

Last Seen: 2024-05-12

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1152890161 | 2024-05-10T22:17:57.407098
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-05-12T20:07:18.472605
80 / tcp

nginx1.18.0

-1472263007 | 2024-05-05T19:36:56.919093
443 / tcp

nginx1.18.0

-1923918626 | 2024-05-06T06:48:00.885692
2022 / tcp

1430148213 | 2024-05-11T02:48:12.613592
3306 / tcp

MariaDB

143211241 | 2024-05-01T15:32:40.101540
25565 / tcp

Minecraft1.20.4

Products

Pricing

Contact Us

46.4.53.87

Last Seen: 2024-05-12

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1152890161 | 2024-05-10T22:17:57.407098 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

677579724 | 2024-05-12T20:07:18.472605 80 / tcp

nginx1.18.0

-1472263007 | 2024-05-05T19:36:56.919093 443 / tcp

nginx1.18.0

-1923918626 | 2024-05-06T06:48:00.885692 2022 / tcp

1430148213 | 2024-05-11T02:48:12.613592 3306 / tcp

MariaDB

143211241 | 2024-05-01T15:32:40.101540 25565 / tcp

Minecraft1.20.4

Products

Pricing

Contact Us

1152890161 | 2024-05-10T22:17:57.407098
22 / tcp

677579724 | 2024-05-12T20:07:18.472605
80 / tcp

-1472263007 | 2024-05-05T19:36:56.919093
443 / tcp

-1923918626 | 2024-05-06T06:48:00.885692
2022 / tcp

1430148213 | 2024-05-11T02:48:12.613592
3306 / tcp

143211241 | 2024-05-01T15:32:40.101540
25565 / tcp