GeneralInformation

Hostnames	pardus.cloud static.7.140.132.142.clients.your-server.de
Domains	pardus.cloud your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000

-780813541 | 2024-04-11T21:56:46.350384

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC+erUySLK1KnKAmCD3GIOR/IyCa+m/5gT9paGHktkR/frh
EhNN56Jl01Ar/2qrh5HJoPboWi3uPoWKNqIoFCvgW6C/BS0fStMgPPZdjNKjlXJ9lzpjZumOAFuy
W0t+WVlqg9OFBdkap6hWlV4ACiPWZrntXAaqbo9syz+HlFFQS+so/jEGoHDpfNxKBqZ5b2e8yzcy
cGuZoAd7aBfMdqCGytviN/eQAORtmGvGeHiYQnvJYHHyvBlk7vkJG3QN3zf78uqeQUtEbCHa1xZo
Wli5VvUQwMb7+7XpvDs95VqudEA/addPfFd1qxwowhhHMutWfKY08zASVnqvaJPuIHBFw4jxqI4B
Ywjeai+Xf9BjReWaar4PjGP92rnutfMlQxhTOKLVBxobhp3Z6/kOE/yiuYjvz7qFKihk+Q0cjQKF
rv0t6yVgj83SUANP7XQeafxsH32rSKC5rKJqazqGS2KvbVzOqIThvBlVA2p1UYhyo3sIEeTP2yeJ
ReBkGfjBdh8=
Fingerprint: d4:d1:7d:47:78:4b:f2:58:5f:d1:60:f5:b4:e6:4c:66

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1882785403 | 2024-04-19T05:31:37.120123

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.10
Date: Fri, 19 Apr 2024 05:31:31 GMT
Content-Type: text/html
Content-Length: 170
Connection: keep-alive
Location: https://142.132.140.7/

1882785403 | 2024-04-19T05:31:41.132800

443 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.10
Date: Fri, 19 Apr 2024 05:31:41 GMT
Content-Type: text/html
Content-Length: 170
Connection: keep-alive
Location: https://pardus.cloud/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:d3:74:2e:76:81:0d:08:0e:8c:f8:5d:38:f8:99:1e:51:49
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 12 07:05:03 2024 GMT
            Not After : May 12 07:05:02 2024 GMT
        Subject: CN=pardus.cloud
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:1f:8a:75:0e:c5:90:38:54:1f:84:ea:84:52:75:
                    a0:5d:36:6b:67:da:4d:9d:f4:31:33:02:34:56:9e:
                    9f:09:34:a9:40:3c:1b:fd:7f:07:2d:2f:54:7c:c1:
                    11:b5:44:bb:b0:69:5d:d5:c5:ba:e3:5f:d3:3a:06:
                    7f:b2:a4:d3:c6
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B4:E0:91:49:8E:76:07:DA:6E:9E:AD:46:6D:BF:85:F8:50:F0:37:0C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.pardus.cloud, DNS:pardus.cloud
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 12 08:05:03.759 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:10:EB:DD:C9:EC:A1:36:76:EB:05:EB:AC:
                                B8:9B:EC:B5:78:7F:F3:2B:0F:29:EB:62:B9:E3:D2:ED:
                                91:BF:13:31:02:21:00:9F:62:DF:6D:04:D5:98:7E:7F:
                                1C:41:28:DB:14:00:36:88:C7:A1:F6:AE:A2:5F:F8:DB:
                                65:69:D7:D4:ED:B1:48
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 12 08:05:03.766 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9A:17:A5:36:80:CE:E8:83:FE:2E:3D:
                                54:0E:86:33:15:FB:CD:F0:9F:E2:00:F4:54:79:5C:AC:
                                4B:6D:40:4B:CA:02:20:30:77:27:DB:D9:01:77:8C:A2:
                                71:5A:E7:5E:5D:7B:E7:D2:4B:94:5C:4D:F8:61:13:2C:
                                84:7D:30:FF:15:A1:0D
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:1c:92:a3:2f:2e:c2:8e:ba:c4:f9:05:ad:e7:31:e8:ba:20:
        61:0a:54:50:7a:4b:13:bf:0b:e3:9e:67:1d:fa:bb:c0:52:04:
        7e:21:1a:19:97:2a:fa:6a:07:70:38:20:69:78:f6:20:32:4c:
        01:1c:2a:3e:2a:5f:27:72:10:dd:10:23:67:1f:14:42:5d:f7:
        01:de:ba:39:ad:73:4d:d6:60:ec:1e:e2:63:2d:b0:ea:48:16:
        62:97:d7:a6:33:02:f0:07:1c:b3:1f:8c:2f:52:46:0a:46:21:
        3c:52:74:be:3f:ac:25:f9:87:4b:e9:ca:8c:78:67:3b:53:b8:
        9d:1f:64:4e:9d:51:ff:ea:cb:0a:87:40:d6:e7:9a:8b:1a:db:
        aa:d7:09:ac:dc:70:a7:6e:3c:58:0e:5a:09:68:f0:d9:40:59:
        eb:c1:bc:ea:0d:c0:39:31:41:7f:50:c8:cc:98:38:1d:d7:19:
        e7:fd:30:8f:62:e8:d0:3e:8e:90:da:42:51:a5:b5:94:2b:3d:
        32:6f:af:2f:40:41:84:0d:b3:35:fa:58:60:ae:41:ac:8e:24:
        06:2b:d6:7d:8a:d8:be:39:3d:3e:f8:32:61:4f:e9:92:9c:a0:
        b2:84:5d:92:46:88:e4:6d:81:6c:dc:3a:a4:12:9d:d4:42:c3:
        51:3a:21:d1

1211758314 | 2024-04-16T00:17:21.142842

3000 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
Date: Tue, 16 Apr 2024 00:17:20 GMT
Transfer-Encoding: chunked

142.132.140.7

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-780813541 | 2024-04-11T21:56:46.350384
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

1882785403 | 2024-04-19T05:31:37.120123
80 / tcp

nginx1.19.10

1882785403 | 2024-04-19T05:31:41.132800
443 / tcp

nginx1.19.10

1211758314 | 2024-04-16T00:17:21.142842
3000 / tcp

Grafana (Open Source)10.4.0

Products

Pricing

Contact Us

142.132.140.7

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-780813541 | 2024-04-11T21:56:46.350384 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

1882785403 | 2024-04-19T05:31:37.120123 80 / tcp

nginx1.19.10

1882785403 | 2024-04-19T05:31:41.132800 443 / tcp

nginx1.19.10

1211758314 | 2024-04-16T00:17:21.142842 3000 / tcp

Grafana (Open Source)10.4.0

Products

Pricing

Contact Us

-780813541 | 2024-04-11T21:56:46.350384
22 / tcp

1882785403 | 2024-04-19T05:31:37.120123
80 / tcp

1882785403 | 2024-04-19T05:31:41.132800
443 / tcp

1211758314 | 2024-04-16T00:17:21.142842
3000 / tcp