Hostnames |
admin.oomidichat.com static.234.146.108.65.clients.your-server.de |
Domains | oomidichat.com your-server.de |
Country | Finland |
City | Helsinki |
Organization | Hetzner Online GmbH |
ISP | Hetzner Online GmbH |
ASN | AS24940 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-334973415 | 2024-06-01T16:13:26.73006122 / tcp
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCkLz9PdKa4/xwCAyK8JfCl8MYsFo/+1Zs+6oIzasxe4vG4 EC7MNnH59SsBnEyui+uTtRqqxrhsiTs3BnCFqtodr+Xmh3e88hHczxWYzQT8yQUBdV9+XexdfIqI Q+8nduP4TzBZkytxjX8ssgDPMhHX6ntCHQmj4gozHBN0rQRUCxkcRGwz/JRazxENBKRJmHdrQMzQ G1F0noTHwjHpL8Z+5MaV9bdOW3MhTfScaRWNhtlGlcwIJ0LGFmXN8Z/nA1sld50QWXKuOf8M9h5I pyggbTPoX19dOTwNj1QlF3e2W7vTw/qxa1vZSL5UWumh39sHkcrGWirYmDTPEbdOApw4en8OcO1Q ZvPsujLttBnDTAc9A4TfaNxN92vZ2HqnzZHf3y/M52AiEqWCAxf7UopmRBFlbmOmzussxFozv5ig JTRiNWZjRixNXC+BlrURrjXAV/YJEZGCr43/xJwbm2oW5fqvFL6Ndzh7gosyOP+EBLo627PKI71W IwslxFLX+WE= Fingerprint: c0:f2:6e:7c:c0:4c:94:24:5c:4b:2f:2b:f5:24:6a:33 Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 kex-strict-s-v00@openssh.com Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
677579724 | 2024-05-26T11:49:38.32357180 / tcp
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Sun, 26 May 2024 11:49:38 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive
-1384639342 | 2024-05-14T09:30:06.791499443 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 14 May 2024 09:30:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=jka0hg0hecdoa5dhc7gk0cntk0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache
Certificate: Data: Version: 3 (0x2) Serial Number: 04:f9:a8:ac:fe:17:b0:bf:24:8e:be:74:25:4e:1f:ee:8b:dc Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R3 Validity Not Before: Jan 7 04:32:27 2024 GMT Not After : Apr 6 04:32:26 2024 GMT Subject: CN=admin.oomidichat.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:cb:c1:81:eb:a5:ff:22:52:83:0f:a4:f2:49:36: 0b:c7:4d:37:bb:8a:1e:d5:83:f0:ee:e0:44:b8:d2: 25:81:30:c3:c6:1f:36:75:f6:69:9c:dd:b0:41:8d: 22:a4:a6:f6:53:19:71:f5:d8:77:32:e3:66:5c:12: cc:6f:30:18:8f:ae:6e:53:78:ac:ab:8c:16:a0:02: ae:8b:63:d9:11:43:78:98:31:2d:17:15:ea:74:75: 59:cc:8f:28:20:b1:d2:f4:97:de:44:e8:26:cc:de: c8:ac:eb:24:fe:d9:85:9a:4f:d3:29:6a:39:11:91: 9b:de:da:c6:71:30:ca:2d:4a:95:19:f2:b4:cf:be: b7:f9:aa:0c:dc:79:8a:4b:3f:cd:6b:39:d5:77:c4: c7:39:f6:bb:8c:05:eb:d6:2f:f2:42:32:cf:cd:59: d3:5f:95:40:5b:d3:95:03:02:34:18:0c:14:a2:f0: db:f6:79:5a:c2:f2:c9:3d:a1:ab:a7:86:56:74:cb: ea:c4:07:26:a5:65:b9:c4:76:ff:7a:1a:e5:60:9c: 44:12:58:0a:b5:18:22:a5:72:18:95:c2:62:02:53: 86:ce:51:95:de:ca:e5:8b:68:9a:a4:0d:ef:92:cf: 1b:dd:1d:bf:c7:a6:a0:ec:bd:2c:4b:1b:68:c3:71: a8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 77:24:79:18:F5:90:F7:64:C6:43:1C:8B:E7:A8:77:C4:29:6D:6B:5A X509v3 Authority Key Identifier: 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:admin.oomidichat.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Jan 7 05:32:27.955 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:AA:8C:22:C8:ED:31:C1:7F:64:DE:91: 88:0E:96:A2:44:07:A0:D0:82:6F:E4:5D:ED:A0:D5:A5: BD:F3:67:5A:43:02:21:00:F4:55:EB:C9:82:55:F5:A6: 7D:07:1C:BF:6A:07:76:94:A7:EC:B0:9F:24:41:10:CA: 64:6E:BF:19:58:56:1E:5E Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Jan 7 05:32:28.028 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CF:2B:93:99:14:9D:B6:E1:1D:E4:91: 2B:FF:58:DB:71:CD:36:43:72:1A:2E:86:2F:DF:11:EA: CC:15:68:EA:12:02:21:00:B9:75:7E:9F:08:0A:6B:55: 89:12:95:C1:EF:36:F0:FD:E4:9B:93:2C:B2:F7:1A:2A: 1F:5F:4F:36:55:13:E7:45 Signature Algorithm: sha256WithRSAEncryption Signature Value: 34:4b:1c:37:a6:92:60:bd:27:f2:b6:06:95:52:25:96:24:66: 20:12:da:ac:64:bc:dd:5e:12:88:0c:db:ff:5e:34:1a:4c:e2: f1:52:6f:b2:c3:73:b5:70:9e:e9:98:56:3f:be:c8:4a:3c:ca: e0:d4:ee:71:80:9c:4d:d3:93:f1:ae:f9:b0:36:ac:3c:7f:ad: 1d:e0:9a:99:cc:a0:14:7b:3a:27:9b:db:32:56:fa:4a:06:f9: 54:fb:10:14:78:28:dc:0e:cc:9e:04:34:65:3e:01:dd:10:2e: 08:70:d7:1f:7a:48:8d:52:7b:21:54:ba:45:9f:1d:b3:df:c5: b8:cc:8a:e6:ae:0d:24:81:4f:ca:98:89:ee:fc:40:ad:92:53: 7e:32:a6:70:c0:a5:44:98:a1:43:63:aa:16:b7:39:f8:78:87: 7f:b4:d9:5d:35:ba:70:d4:eb:4e:d2:01:96:47:28:ee:a6:f5: d7:62:80:f5:5a:ee:ce:f1:f6:b0:f8:a0:c4:0b:5f:c6:26:88: d4:56:f7:7b:2a:f6:9f:1d:ed:fe:db:e8:ac:5e:fa:cc:9f:b3: 5b:2d:a3:b3:b2:79:77:69:a9:76:4e:40:a6:73:3f:23:63:d5: d0:05:c1:d7:cf:24:09:cc:73:8d:5b:54:4f:70:f2:68:64:a8: 09:3e:8c:ec
-1041937265 | 2024-05-11T04:15:37.5484353000 / tcp
HTTP/1.1 403 Forbidden Content-Type: text/plain Date: Sat, 11 May 2024 04:15:37 GMT Connection: keep-alive Keep-Alive: timeout=5 Transfer-Encoding: chunked
1248136968 | 2024-05-30T23:09:50.3503233478 / udp
STUN Server IP: 65.108.146.234
-437132840 | 2024-06-01T11:13:41.7412165001 / tcp
HTTP/1.1 302 Found X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET,PUT,POST,DELETE Access-Control-Allow-Headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept Location: /login Vary: Accept Content-Type: text/plain; charset=utf-8 Content-Length: 28 Set-Cookie: connect.sid=s%3A2OW9ZCLXRZHmEA0ZIQejYGfvM2Fd1m8S.r6LxflSOSLy45oNTLSifJ3k6pqR7%2Fs0CUP%2BWVui5x4g; Path=/; Expires=Wed, 05 Jun 2024 15:13:41 GMT Date: Sat, 01 Jun 2024 11:13:41 GMT Connection: keep-alive Keep-Alive: timeout=5 Found. Redirecting to /login
964997625 | 2024-06-02T05:11:26.1671985222 / tcp
<?xml version='1.0'?><stream:stream id='2fbfe2fd-9716-4594-b645-8a2c0e856dae' from='65.108.146.234' xml:lang='en' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'><stream:error><host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>This server does not serve 65.108.146.234</text></stream:error></stream:stream>
-1552123833 | 2024-06-01T09:21:18.0964135269 / tcp
<?xml version='1.0'?><stream:stream id='c4b63e51-3277-44f7-83c5-0cfafbc11670' from='65.108.146.234' xml:lang='en' xmlns='jabber:server' to='' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'><stream:error><host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>This host does not serve 65.108.146.234</text></stream:error></stream:stream>
574130828 | 2024-05-29T12:39:00.3537988000 / tcp
HTTP/1.1 404 Not Found Date: Wed, 29 May 2024 12:39:00 GMT Content-Length: 9 Content-Type: text/plain; charset=utf-8
1202399600 | 2024-05-17T14:44:20.9353698080 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Fri, 17 May 2024 14:44:20 GMT Content-Type: text/html Content-Length: 62544 Last-Modified: Tue, 23 Apr 2024 11:16:33 GMT Connection: keep-alive ETag: "66279891-f450" Accept-Ranges: bytes
14869586 | 2024-05-31T10:33:52.7788548081 / tcp
HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 6180 Content-Security-Policy: frame-ancestors 'self' * Content-Type: text/html; charset=utf-8 Etag: "se4j6v4ro" Last-Modified: Mon, 27 May 2024 03:04:07 GMT X-Appsmith-Request-Id: bbf77e4b-d0df-4ab9-9333-a29eb14cd6be X-Content-Type-Options: nosniff X-Request-Id: invalid_request_id Date: Fri, 31 May 2024 10:33:52 GMT <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><title>Appsmith</title><style>#loader{position:fixed;left:0;top:0;height:4px;background:#d7d7d7;transition:all ease-in .3s}</style><script>const parseConfig=e=>{if(e.startsWith("{")&&e.startsWith("}")||0===e.indexOf("__")||0===e.indexOf("$")||0===e.indexOf("%"))return"";const n=e.trim();return"false"!==n.toLowerCase()&&""!==n&&("true"===n.toLowerCase()||n)},CLOUD_HOSTING=parseConfig(''),ZIPY_KEY=parseConfig(''),AIRGAPPED=parseConfig("%REACT_APP_AIRGAP_ENABLED%")||parseConfig('false');CDN_URL=parseConfig('')||"/"</script><script>window.__APPSMITH_CHUNKS_TO_PRELOAD={"edit-mode":["static/js/svg-icons.84377013.chunk.js","static/css/2623.10a175bd.chunk.css","static/js/2623.42ad534b.chunk.js","static/css/3957.a92a3b13.chunk.css","static/css/6661.4c41cc63.chunk.css","static/js/82.15c1d0a4.chunk.js","static/js/1954.ea247d7f.chunk.js","static/js/5135.9a157b6b.chunk.js","static/js/global-search.ec730f0b.chunk.js","static/js/9080.94a1e4d3.chunk.js","static/css/9879.4d11d8d5.chunk.css","static/js/9879.454d94da.chunk.js","static/js/8528.c41b942b.chunk.js","static/js/7568.c2e8e94a.chunk.js","static/js/9244.e52a69fd.chunk.js","static/js/7270.81df1498.chunk.js","static/css/editor.0d3ea7ff.chunk.css","static/js/editor.f18d496e.chunk.js","static/js/global-search.ec730f0b.chunk.js"],"view-mode":["static/js/svg-icons.84377013.chunk.js","static/css/2623.10a175bd.chunk.css","static/js/2623.42ad534b.chunk.js","static/css/3957.a92a3b13.chunk.css","static/js/82.15c1d0a4.chunk.js","static/js/5135.9a157b6b.chunk.js","static/js/global-search.ec730f0b.chunk.js","static/js/9080.94a1e4d3.chunk.js","static/css/9879.4d11d8d5.chunk.css","static/js/9879.454d94da.chunk.js","static/js/7270.81df1498.chunk.js","static/js/AppViewer.789212c4.chunk.js"]}</script><script>if(CLOUD_HOSTING&&ZIPY_KEY&&!AIRGAPPED){const n=document.createElement("script");n.crossOrigin="anonymous",n.defer=!0,n.src="https://cdn.zipy.ai/sdk/v1.0/zipy.min.umd.js",n.onload=()=>{window.zipy&&window.zipy.init(ZIPY_KEY)};const i=document.getElementsByTagName("head")[0];i&&i.appendChild(n)}</script><script defer="defer" src="/static/js/main.81b68477.js"></script><link href="/static/css/main.4db01284.css" rel="stylesheet"></head><body class="appsmith-light-theme"><noscript>You need to enable JavaScript to run this app.</noscript><div id="loader" style="width:30vw"></div><div id="header-root"></div><div id="root"></div><div id="date-picker-control" style="position:relative;z-index:1000"></div><script type="text/javascript">const getIsLocalStorageSupported=()=>{try{return window.localStorage.setItem("test","testA"),window.localStorage.removeItem("test"),!0}catch(e){return!1}},isLocalStorageSupported=getIsLocalStorageSupported(),handleLocalStorageNotSupportedError=()=>{console.error("Localstorage storage is not supported on your device.")},localStorageUtil={getItem:e=>{if(isLocalStorageSupported)return window.localStorage.getItem(e);handleLocalStorageNotSupportedError()},removeItem:e=>{if(isLocalStorageSupported)return window.localStorage.removeItem(e);handleLocalStorageNotSupportedError()},setItem:(e,r)=>{if(isLocalStorageSupported)return window.localStorage.setItem(e,r);handleLocalStorageNotSupportedError()}};window.addEventListener("DOMContentLoaded",(e=>{document.getElementById("loader").style.width="50vw"}));const registerPageServiceWorker=()=>{"serviceWorker"in navigator&&!window.Cypress&&window.addEventListener("load",(function(){navigator.serviceWorker.register("/pageService.js").catch((e=>{console.error("Service Worker Registration failed: "+e)}))}))};"serviceWorker"in navigator&&!window.Cypress&&window.addEventListener("load",(function(){navigator.serviceWorker.register("/pageService.js").catch((e=>{console.error("Service Worker Registration failed: "+e)}))}))</script><script type="text/javascript">const LOG_LEVELS=["debug","error"],CONFIG_LOG_LEVEL_INDEX=LOG_LEVELS.indexOf(parseConfig('')),INTERCOM_APP_ID=parseConfig("y10e7138")||parseConfig(''),DISABLE_INTERCOM=parseConfig('')||parseConfig('false');INTERCOM_APP_ID.length&&!DISABLE_INTERCOM&&function(){var e=window,_=e.Intercom;if("function"==typeof _)_("reattach_activator"),_("update",e.intercomSettings);else{var n=document,E=function(){E.c(arguments)};E.q=[],E.c=function(e){E.q.push(e)},e.Intercom=E;var I=function(){var e=n.createElement("script");e.type="text/javascript",e.async=!0,e.src="https://widget.intercom.io/widget/"+INTERCOM_APP_ID;var _=n.getElementsByTagName("script")[0];_.parentNode.insertBefore(e,_)};"complete"===document.readyState?I():e.attachEvent?e.attachEvent("onload",I):e.addEventListener("load",I,!1
178957767 | 2024-05-29T14:43:38.6646338888 / tcp
HTTP/1.1 404 Not Found Cache-Control: must-revalidate,no-cache,no-store Content-Type: text/html;charset=iso-8859-1 Content-Length: 410
-1135187285 | 2024-05-29T07:15:08.9466839090 / tcp
HTTP/1.1 404 Not Found Cache-Control: must-revalidate,no-cache,no-store Content-Type: text/html;charset=iso-8859-1 Content-Length: 423
1212680812 | 2024-05-29T08:36:57.4060119443 / tcp
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, must-revalidate Content-Length: 19130 Content-Type: text/html; charset=utf-8 Last-Modified: Sun, 21 Apr 2024 23:50:59 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Date: Wed, 29 May 2024 08:36:25 GMT
Certificate: Data: Version: 3 (0x2) Serial Number: d4:ff:8c:d3:37:65:c6:e3:60:6b:95:13:57:e0:e1:cc Signature Algorithm: ecdsa-with-SHA256 Issuer: Validity Not Before: May 22 03:18:14 2024 GMT Not After : May 22 03:18:14 2029 GMT Subject: Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:96:ba:17:23:ae:cf:ae:98:13:4a:60:36:91:78: 46:35:f4:63:3b:6b:cc:49:ce:79:92:37:5f:12:95: 20:2b:40:05:83:5f:16:e6:a4:a6:15:60:3e:32:bb: 3b:d6:8c:f4:4d:0e:ee:57:6d:ab:32:32:42:31:dd: 22:f7:0a:4b:1c ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Alternative Name: critical DNS:localhost, IP Address:0.0.0.0 Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:7c:4f:41:b8:f1:b9:58:1b:4d:04:8f:7a:80:ac: 96:7e:64:17:a9:69:92:30:46:87:32:f2:66:9e:c9:ce:48:63: 02:20:70:69:94:5a:5a:47:38:2c:f7:62:04:1f:1a:51:5a:96: fd:13:ff:3e:12:62:e1:8e:97:f0:bd:01:e5:33:c4:75