GeneralInformation

Hostnames	lcgpro.preprod.frencht.co static.204.218.69.159.clients.your-server.de
Domains	frencht.co your-server.de
Country	Germany
City	Nürnberg
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

WebTechnologies

Security

reCAPTCHA

Tag managers

Google Tag Manager

Widgets

Hello Bar

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

22 80 443 3306 8080

-1771057607 | 2024-04-23T22:15:38.848875

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQC2ZlayYag3h/ByC4SJnUWW7hDJvAnj1wgcUqihaZjIHzkK
4Hb/lcux/RVgOdw0g4eWqyhoVZmZZ067MI6TvwtLd7PoB0okIQ+yWABbyuZ84YLf0D9/u3r7l++8
XPP4OMKnK4pMPpNKrJvQa2Spw9N2fpZ6ChLp21F2tY9O0x4aeDONrC5xct9O+/JZsWODaFCM+jkr
5BY7Mtp4rxIDNdf6vXkpIPjfPi992VVHdRtmewyOQCDpMu2dv+o7trQW485b2VqGHBq21Tyim+hW
04q9fCAG+9CSKOqLqhN1YHMMukPTID2HMifNToMWO1UD6I09DCFDmTiGdZQqRA99g5cH
Fingerprint: d4:d2:98:1e:e2:ab:f7:52:3c:62:8d:b1:70:07:40:31

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-925829564 | 2024-04-27T06:29:57.170072

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Sat, 27 Apr 2024 06:29:57 GMT
Server: Varnish
X-Varnish: 1034183
location: https://159.69.218.204/
Content-Length: 0
Connection: keep-alive

-99994518 | 2024-04-29T13:36:04.439302

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 29 Apr 2024 13:36:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 65470
Connection: keep-alive
Set-Cookie: PHPSESSID=fad6eded2e19547c9489146de77b2e60; expires=Tue, 14-May-2024 13:36:03 GMT; Max-Age=1296000; path=/; domain=lcgpro.preprod.frencht.co; HttpOnly
Set-Cookie: PHPSESSID=fad6eded2e19547c9489146de77b2e60; expires=Tue, 14-May-2024 13:36:03 GMT; Max-Age=1296000; path=/; SameSite=None; domain=lcgpro.preprod.frencht.co; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:8a:07:1c:3c:39:a4:d0:43:0b:6a:a8:b5:09:56:da:40:00
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Oct  6 09:23:49 2023 GMT
            Not After : Jan  4 09:23:48 2024 GMT
        Subject: CN=lcgpro.preprod.frencht.co
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bd:0d:6d:2c:cf:5e:cf:8f:09:f2:11:9d:a0:18:
                    89:00:88:8b:54:4d:af:0c:3f:f4:39:52:e7:15:b1:
                    46:ff:f5:f2:c3:b8:0b:d1:5d:20:e4:ad:7d:07:c8:
                    c8:9a:91:5f:af:18:52:60:f9:ee:14:f4:43:66:a1:
                    98:72:7f:d4:fa:e8:63:65:fa:72:db:b6:02:93:5e:
                    de:7f:0d:a6:18:a6:d7:13:f0:15:b6:dd:0f:04:6c:
                    1f:cf:00:57:d9:c4:0d:90:2f:a5:0c:da:01:fd:d1:
                    cd:8d:e2:6f:75:f6:f6:c8:41:2b:80:ae:13:ae:18:
                    2a:22:9e:e3:74:62:d2:25:00:1e:bc:fe:b3:43:2c:
                    2a:0a:d3:98:fe:e3:4e:f0:67:42:7b:1f:2a:26:b4:
                    eb:5f:13:43:38:56:09:38:b4:0a:34:3c:ec:3b:63:
                    19:7b:52:f3:f6:94:bb:66:ed:65:6d:17:a3:0d:a1:
                    8e:78:ad:63:2a:24:1c:06:0d:10:1c:6e:80:4b:87:
                    20:0d:3c:e6:81:8b:31:d7:48:9c:48:b5:d4:3c:33:
                    1d:d8:a4:8f:a1:ab:f5:4a:7c:3e:22:c1:25:68:95:
                    36:55:c3:b5:42:16:52:aa:dd:47:20:01:63:4e:da:
                    92:da:23:1d:f5:e6:ef:51:31:71:31:8f:dc:a8:1e:
                    0d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E7:C9:E7:BD:68:2B:88:56:76:DB:B1:BD:EB:74:C9:E4:DF:B2:C9:9D
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:lcgpro.preprod.frencht.co
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Oct  6 10:23:49.297 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B3:15:CC:62:EE:28:D5:5F:FF:64:B3:
                                2B:D7:CD:25:53:D7:31:0B:41:E9:2A:3D:C3:E4:26:AC:
                                95:DD:03:71:0B:02:20:26:3A:D4:D5:33:59:3A:3D:5E:
                                55:4D:AF:98:18:3F:9B:1F:6B:CF:F4:19:F2:01:DD:AD:
                                81:6E:79:4D:F6:EC:B5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Oct  6 10:23:49.699 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:85:1E:82:73:52:0C:66:51:15:AA:E6:
                                29:03:CE:0B:67:22:BF:7A:47:E6:BF:4D:6A:9D:DF:BE:
                                F2:E1:94:7E:35:02:21:00:EC:16:18:FA:F3:D3:85:4B:
                                70:3F:29:FB:A8:D8:6D:8F:86:4F:12:66:94:F4:2E:E4:
                                8C:34:43:49:81:69:7A:F0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        33:c2:01:29:ec:6a:a2:68:6a:39:12:82:1b:1a:3b:61:57:e5:
        50:b7:75:8d:b8:8f:61:7e:e4:fd:80:82:76:e8:1a:ea:68:a9:
        16:32:9c:22:86:02:87:b0:17:81:66:43:fd:d4:b4:25:5e:8f:
        a2:38:f4:2a:80:cf:bd:5e:3c:85:3f:e7:d1:34:bf:46:76:5e:
        44:d9:eb:3e:19:b7:bd:ad:22:0b:d1:4c:84:81:b2:b0:24:09:
        d7:4f:21:1e:a4:43:3a:03:63:b0:2f:64:cb:75:45:64:af:ac:
        0c:67:cd:7c:9e:fa:b9:0b:99:d6:72:ef:81:45:ba:df:ad:81:
        94:77:f1:e0:cf:2c:b6:25:a6:97:c0:d0:5b:5f:76:6d:b0:23:
        f0:28:b4:55:93:53:98:b5:ed:7e:00:d5:f2:f4:8b:f2:4c:dd:
        61:17:d5:d2:84:e8:c2:c7:3b:cb:fa:54:f0:f9:cc:9b:5f:ec:
        b7:5d:1a:92:be:99:05:b7:89:0e:a1:43:29:6e:dc:0d:7a:e2:
        53:97:7c:4c:09:33:bc:3e:8c:a3:46:8e:93:d8:a5:bf:b5:00:
        a5:1b:e2:53:a5:6f:72:61:38:e0:52:94:13:4e:a2:b1:f4:96:
        30:7a:e0:1d:0e:4a:0d:1f:28:fd:e7:8a:eb:52:7c:11:b1:c7:
        30:67:3f:42

1535299667 | 2024-04-26T09:49:51.038302

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.2.29-MariaDB-1:10.2.29+maria~bionic
  Capabilities: 63486
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 33215
  Authentication Plugin: mysql_native_password

1373878899 | 2024-04-17T16:47:17.153027

8080 / tcp

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 17 Apr 2024 16:47:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.25-1+ubuntu18.04.1+deb.sury.org+1
Set-Cookie: PHPSESSID=f027e06ec9fc7a8d7d277bd830f071dd; expires=Thu, 02-May-2024 16:47:16 GMT; Max-Age=1296000; path=/; domain=lcgpro.preprod.frencht.co; HttpOnly
Set-Cookie: PHPSESSID=f027e06ec9fc7a8d7d277bd830f071dd; expires=Thu, 02-May-2024 16:47:16 GMT; Max-Age=1296000; path=/; SameSite=None; domain=lcgpro.preprod.frencht.co; HttpOnly
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Mon, 17 Apr 2023 16:47:16 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

159.69.218.204

Last Seen: 2024-04-29

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1771057607 | 2024-04-23T22:15:38.848875
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.3

-925829564 | 2024-04-27T06:29:57.170072
80 / tcp

-99994518 | 2024-04-29T13:36:04.439302
443 / tcp

nginx1.16.1

1535299667 | 2024-04-26T09:49:51.038302
3306 / tcp

MariaDB10.2.29-MariaDB-1:10.2.29+maria~bionic

1373878899 | 2024-04-17T16:47:17.153027
8080 / tcp

nginx1.16.1

Products

Pricing

Contact Us

159.69.218.204

Last Seen: 2024-04-29

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1771057607 | 2024-04-23T22:15:38.848875 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.3

-925829564 | 2024-04-27T06:29:57.170072 80 / tcp

-99994518 | 2024-04-29T13:36:04.439302 443 / tcp

nginx1.16.1

1535299667 | 2024-04-26T09:49:51.038302 3306 / tcp

MariaDB10.2.29-MariaDB-1:10.2.29+maria~bionic

1373878899 | 2024-04-17T16:47:17.153027 8080 / tcp

nginx1.16.1

Products

Pricing

Contact Us

-1771057607 | 2024-04-23T22:15:38.848875
22 / tcp

-925829564 | 2024-04-27T06:29:57.170072
80 / tcp

-99994518 | 2024-04-29T13:36:04.439302
443 / tcp

1535299667 | 2024-04-26T09:49:51.038302
3306 / tcp

1373878899 | 2024-04-17T16:47:17.153027
8080 / tcp