GeneralInformation

Hostnames	shadow39.online static.114.244.21.65.clients.your-server.de
Domains	shadow39.online your-server.de
Country	Finland
City	Helsinki
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Ubuntu

WebTechnologies

CDN

PaaS

Reverse proxies

Security

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000 4000 5000 6379

265454962 | 2024-05-06T03:36:32.216869

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJOeWYAesYNkQA+gtQBdHY5N
ZqBV8D6otudb9Ic6/ZVJ5RsVUrWFWIO4tIr9gZRpCpcpDKOKxCxShAujIZ97I8k=
Fingerprint: 6e:8c:9f:32:26:73:0b:9a:66:37:25:94:83:0d:9e:78

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

589765266 | 2024-05-08T11:23:46.314702

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 08 May 2024 11:23:46 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://65.21.244.114/

1788305407 | 2024-05-08T12:15:16.819895

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 08 May 2024 12:15:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 213
Connection: keep-alive
x-trace: lNY9Vbs4zm
x-envoy-upstream-service-time: 3
x-cache: Hit from cloudfront
via: 1.1 972d4acd04a2126f84b4c0b10ef11856.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: UJMyWfH2X8y-AvjGi-jNKoyJI6hh6BNj9o2DmS2KnWJvFK_o2xlong==
age: 33
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
vary: Origin
cache-control: public, max-age=30

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:ad:f5:f4:2c:aa:96:03:77:7e:5a:bb:73:6c:71:d4:36:d7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 18 19:04:28 2024 GMT
            Not After : Jul 17 19:04:27 2024 GMT
        Subject: CN=shadow39.online
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:df:c0:1f:37:5f:33:ff:1f:bb:9e:54:aa:65:54:
                    96:53:47:69:30:21:37:7e:ec:00:b7:c1:6c:90:38:
                    d1:2e:7a:65:bd:e5:4f:c5:a4:e5:23:53:19:33:7f:
                    3c:cc:35:c8:ef:36:11:bb:c1:3e:1a:89:fc:2a:13:
                    a1:9f:5d:e8:6c:6d:a3:d8:fa:86:eb:88:7b:fd:94:
                    67:85:3f:07:a1:c6:54:40:5f:fd:cf:fb:05:0c:e8:
                    82:14:06:d2:18:6b:c7:98:de:91:70:b8:bd:05:2f:
                    5e:0e:bb:df:68:86:59:ee:af:b6:03:ee:24:83:7a:
                    83:e3:13:d6:29:fa:59:a2:58:cf:bb:77:30:6e:99:
                    66:45:26:b7:5a:8a:a2:bc:f1:68:49:8e:35:c4:00:
                    ef:f1:db:98:c0:0c:01:41:e3:40:76:b9:fa:1d:a2:
                    58:c2:fe:61:e0:d9:57:30:e5:e9:b3:a3:ef:d3:64:
                    1a:4c:33:41:7b:ca:e7:fb:60:00:5b:81:a5:c4:2c:
                    60:02:b5:32:8b:ea:d6:02:da:e5:94:54:a8:10:2b:
                    5e:d4:3a:97:2a:3c:25:f1:2c:e8:ce:a5:85:67:d9:
                    93:a9:29:d9:01:bd:d6:ed:f9:65:56:05:4f:91:3a:
                    57:ca:26:a2:67:ad:9b:f4:f4:c8:6a:52:fa:55:24:
                    8d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                37:E1:C6:D5:1C:37:CA:A0:C4:F6:46:68:D8:D7:1F:D2:A7:BA:59:0B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.shadow39.online, DNS:shadow39.online
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 18 20:04:29.183 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:58:4D:B4:58:75:40:D2:3E:BB:70:34:E3:
                                6B:17:CE:EF:F4:95:94:4C:6E:EC:AA:C5:DB:C1:79:0F:
                                53:3A:2D:12:02:20:1B:25:B0:7B:B2:A2:D0:5F:AE:A4:
                                49:48:AC:E5:F6:7A:24:EC:EE:88:16:B0:62:E2:28:7E:
                                31:3A:6B:13:5A:12
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 18 20:04:29.382 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5D:02:CA:C2:CF:BC:68:3B:80:EB:E8:7E:
                                05:E5:B0:C0:FD:5A:97:56:8A:07:A1:64:D8:36:32:0E:
                                81:43:1F:0B:02:21:00:CF:C3:AC:6C:E4:90:BE:CA:70:
                                04:8F:5A:02:7F:8B:29:8C:ED:BB:E4:BD:13:8D:37:F8:
                                E2:4A:0D:FD:B3:CF:13
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        38:54:34:b7:d0:fd:ff:3e:a5:ff:cc:56:2e:0f:4c:20:9e:e0:
        4e:4e:3a:08:46:9b:e7:a3:28:d1:57:91:6d:7c:96:83:38:db:
        1a:91:71:57:11:c1:40:a3:29:b3:2b:78:46:40:e7:fa:8e:8b:
        6d:3e:d4:64:43:fc:84:d1:df:8f:95:ea:90:a2:11:be:92:9c:
        d5:4a:99:81:c5:10:7f:97:c2:6a:a5:2a:e2:2e:d9:f8:ae:09:
        ba:32:25:0f:08:7a:45:b9:1e:81:db:d6:bf:fb:dc:f4:30:3b:
        ce:c9:fa:b6:89:1c:81:22:11:89:32:63:78:4e:a5:a0:c9:2b:
        c3:1d:ff:3c:b2:e2:56:f2:a8:70:de:96:49:77:d8:f6:30:dd:
        92:b7:cb:48:c4:12:35:5d:66:e8:54:58:f7:11:61:70:b8:ac:
        1e:98:15:49:21:a6:3c:55:c4:9b:eb:e0:03:63:10:a7:39:e0:
        c9:1f:54:e7:98:3e:62:20:04:4f:96:75:3f:37:e8:e4:2e:a9:
        ae:41:51:65:3b:b8:f6:d9:1b:8a:c6:cc:6b:48:a7:3a:5b:98:
        50:2d:00:82:0c:53:a2:cb:f8:b4:39:31:a9:97:14:a6:b9:1e:
        e5:65:d2:5e:a9:e3:e4:ca:12:05:69:61:41:c0:ad:3e:50:01:
        b3:25:ee:83

304016660 | 2024-04-18T17:10:05.742287

3000 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
content-length: 213
date: Thu, 18 Apr 2024 17:08:27 GMT
x-trace: 2ZqFhRb6PM
server: envoy
x-envoy-upstream-service-time: 80
x-cache: Hit from cloudfront
via: 1.1 bebaf9a83d825f873f9b24846f10aed0.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P3
x-amz-cf-id: 3WQKNZKMArasDkUbCqiDzcIpVKXF8tB26r_gkseSyGpNbxmU1KfJIQ==
age: 98
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
vary: Origin
cache-control: public, max-age=30

-1246004407 | 2024-04-16T13:54:18.584348

4000 / tcp

HTTP/1.1 400 Bad Request
Connection: close

1232748935 | 2024-04-12T13:20:14.861734

5000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 1211690
ETag: W/"127d2a-teYNk5SOCTEl3BWMdvrhOL5SEa0"
Date: Fri, 12 Apr 2024 13:20:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5

714811335 | 2024-05-07T16:11:58.310846

6379 / tcp

# Server
redis_version:7.2.4
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:7c3cbaf27e881543
redis_mode:standalone
os:Linux 5.15.0-101-generic x86_64
arch_bits:64
monotonic_clock:POSIX clock_gettime
multiplexing_api:epoll
atomicvar_api:c11-builtin
gcc_version:12.2.0
process_id:1
process_supervised:no
run_id:68546ba57fc0f5ebd9b11692dcc9f3c938ce2a7d
tcp_port:6379
server_time_usec:1715098317905213
uptime_in_seconds:2189821
uptime_in_days:25
hz:10
configured_hz:10
lru_clock:3822285
executable:/data/redis-server
config_file:
io_threads_active:0
listener0:name=tcp,bind=*,bind=-::*,port=6379

# Clients
connected_clients:3
cluster_connections:0
maxclients:10000
client_recent_max_input_buffer:8
client_recent_max_output_buffer:0
blocked_clients:0
tracking_clients:0
clients_in_timeout_table:0
total_blocking_keys:0
total_blocking_keys_on_nokey:0

# Memory
used_memory:4329632
used_memory_human:4.13M
used_memory_rss:8876032
used_memory_rss_human:8.46M
used_memory_peak:71279304
used_memory_peak_human:67.98M
used_memory_peak_perc:6.07%
used_memory_overhead:1055600
used_memory_startup:866056
used_memory_dataset:3274032
used_memory_dataset_perc:94.53%
allocator_allocated:4461336
allocator_active:5632000
allocator_resident:11362304
total_system_memory:4001112064
total_system_memory_human:3.73G
used_memory_lua:108544
used_memory_vm_eval:108544
used_memory_lua_human:106.00K
used_memory_scripts_eval:51776
number_of_cached_scripts:28
number_of_functions:0
number_of_libraries:0
used_memory_vm_functions:32768
used_memory_vm_total:141312
used_memory_vm_total_human:138.00K
used_memory_functions:184
used_memory_scripts:51960
used_memory_scripts_human:50.74K
maxmemory:268435456
maxmemory_human:256.00M
maxmemory_policy:allkeys-lru
allocator_frag_ratio:1.26
allocator_frag_bytes:1170664
allocator_rss_ratio:2.02
allocator_rss_bytes:5730304
rss_overhead_ratio:0.78
rss_overhead_bytes:-2486272
mem_fragmentation_ratio:2.07
mem_fragmentation_bytes:4586448
mem_not_counted_for_evict:0
mem_replication_backlog:0
mem_total_replication_buffers:0
mem_clients_slaves:0
mem_clients_normal:3856
mem_cluster_links:0
mem_aof_buffer:0
mem_allocator:jemalloc-5.3.0
active_defrag_running:0
lazyfree_pending_objects:0
lazyfreed_objects:0

# Persistence
loading:0
async_loading:0
current_cow_peak:0
current_cow_size:0
current_cow_size_age:0
current_fork_perc:0.00
current_save_keys_processed:0
current_save_keys_total:0
rdb_changes_since_last_save:1575
rdb_bgsave_in_progress:0
rdb_last_save_time:1715093880
rdb_last_bgsave_status:ok
rdb_last_bgsave_time_sec:-1
rdb_current_bgsave_time_sec:-1
rdb_saves:2427
rdb_last_cow_size:0
rdb_last_load_keys_expired:0
rdb_last_load_keys_loaded:0
aof_enabled:0
aof_rewrite_in_progress:0
aof_rewrite_scheduled:0
aof_last_rewrite_time_sec:-1
aof_current_rewrite_time_sec:-1
aof_last_bgrewrite_status:ok
aof_rewrites:0
aof_rewrites_consecutive_failures:0
aof_last_write_status:ok
aof_last_cow_size:0
module_fork_in_progress:0
module_fork_last_cow_size:0

# Stats
total_connections_received:1831
total_commands_processed:3165938
instantaneous_ops_per_sec:0
total_net_input_bytes:1642450360
total_net_output_bytes:67140942
total_net_repl_input_bytes:1956760
total_net_repl_output_bytes:0
instantaneous_input_kbps:0.00
instantaneous_output_kbps:0.00
instantaneous_input_repl_kbps:0.00
instantaneous_output_repl_kbps:0.00
rejected_connections:0
sync_full:0
sync_partial_ok:0
sync_partial_err:0
expired_keys:0
expired_stale_perc:0.00
expired_time_cap_reached_count:0
expire_cycle_cpu_milliseconds:148309
evicted_keys:0
evicted_clients:0
total_eviction_exceeded_time:0
current_eviction_exceeded_time:0
keyspace_hits:18571
keyspace_misses:2144478
pubsub_channels:0
pubsub_patterns:0
pubsubshard_channels:0
latest_fork_usec:0
total_forks:0
migrate_cached_sockets:0
slave_expires_tracked_keys:0
active_defrag_hits:0
active_defrag_misses:0
active_defrag_key_hits:0
active_defrag_key_misses:0
total_active_defrag_time:0
current_active_defrag_time:0
tracking_total_keys:0
tracking_total_items:0
tracking_total_prefixes:0
unexpected_error_replies:0
total_error_replies:4470
dump_payload_sanitizations:0
total_reads_processed:725628
total_writes_processed:723528
io_threaded_reads_processed:0
io_threaded_writes_processed:0
reply_buffer_shrinks:1836
reply_buffer_expands:311
eventloop_cycles:22561907
eventloop_duration_sum:3272644245
eventloop_duration_cmd_sum:42583986
instantaneous_eventloop_cycles_per_sec:9
instantaneous_eventloop_duration_usec:118
acl_access_denied_auth:0
acl_access_denied_cmd:0
acl_access_denied_key:0
acl_access_denied_channel:0

# Replication
role:master
connected_slaves:0
master_failover_state:no-failover
master_replid:9ea14df01af088c19f4410385d6faa60503aa6ad
master_replid2:88014e93f4d4d034acaee558c3e18fd33d69bed9
master_repl_offset:0
second_repl_offset:1
repl_backlog_active:0
repl_backlog_size:1048576
repl_backlog_first_byte_offset:0
repl_backlog_histlen:0

# CPU
used_cpu_sys:1531.210146
used_cpu_user:1645.463440
used_cpu_sys_children:0.002374
used_cpu_user_children:0.001902
used_cpu_sys_main_thread:1530.947813
used_cpu_user_main_thread:1645.336847

# Modules

# Errorstats
errorstat_ERR:count=4468
errorstat_READONLY:count=2

# Cluster
cluster_enabled:0

# Keyspace
db0:keys=1579,expires=1575,avg_ttl=26205831

# Keys
# NOTE: more keys available in the database
k1BDxWdUsWJz1r7iQ4brRoRHsvBhPj5fOF7PQWC5pqQ
#|Zg3tRc7uYvdseiW-INkjsZdyzwhFzLjiY84wezgE3wOwKsWXHY5CaacVUnALS1Jz
k2inD99dEd4w8IuBACFc9Qq8FfTL6gvi6cnL7bz3Liw
N1o3N1jTn41I8xBzqAVSFExnYhGp0Lg-EJxJaO4WNeQ
oZqxcHf54dB1GJzCzjNKLW7pW9LtbbNCs-TJteHhX6w
backup1
DzplELw_Lv0DQ8enaPtPsmBAwDFBXu3_ks-s12UlwP4
#|XTttKmKGB9g5aabjiedm7-o1tb-buJpTctPvpm5brU_MC74ADrY4PMC1CRCTPDYl
eglKWA7S5_cERfKfOr7EYbV9C138qutdGXUytavuQzk
4BO50O6LAEGpm_seYyt01-S18Kk-RuY33lYXIzJWIrA
_scClJ_WXk_YZECrelS-f_jTlFIrUPcCXqJhAqkmoy0

# Connected Clients
id=3 addr=172.18.0.5:50672 laddr=172.18.0.2:6379 fd=8 name= age=2189817 idle=89 flags=N db=0 sub=0 psub=0 ssub=0 multi=-1 qbuf=0 qbuf-free=0 argv-mem=0 multi-mem=0 rbs=1024 rbp=0 obl=0 oll=0 omem=0 tot-mem=1928 events=r cmd=set user=default redir=-1 resp=2 lib-name= lib-ver=
id=4 addr=172.18.0.5:50686 laddr=172.18.0.2:6379 fd=9 name= age=2189817 idle=89 flags=N db=0 sub=0 psub=0 ssub=0 multi=-1 qbuf=0 qbuf-free=0 argv-mem=0 multi-mem=0 rbs=1024 rbp=0 obl=0 oll=0 omem=0 tot-mem=1928 events=r cmd=set user=default redir=-1 resp=2 lib-name= lib-ver=
id=1858 addr=224.161.113.186:52748 laddr=172.18.0.2:6379 fd=10 name= age=1 idle=0 flags=N db=0 sub=0 psub=0 ssub=0 multi=-1 qbuf=26 qbuf-free=20448 argv-mem=10 multi-mem=0 rbs=1024 rbp=578 obl=0 oll=0 omem=0 tot-mem=22426 events=r cmd=client|list user=default redir=-1 resp=2 lib-name= lib-ver=

65.21.244.114

Last Seen: 2024-05-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

265454962 | 2024-05-06T03:36:32.216869
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

589765266 | 2024-05-08T11:23:46.314702
80 / tcp

nginx1.18.0

1788305407 | 2024-05-08T12:15:16.819895
443 / tcp

nginx1.18.0

304016660 | 2024-04-18T17:10:05.742287
3000 / tcp

-1246004407 | 2024-04-16T13:54:18.584348
4000 / tcp

1232748935 | 2024-04-12T13:20:14.861734
5000 / tcp

714811335 | 2024-05-07T16:11:58.310846
6379 / tcp

Redis key-value store7.2.4

Products

Pricing

Contact Us

65.21.244.114

Last Seen: 2024-05-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

265454962 | 2024-05-06T03:36:32.216869 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

589765266 | 2024-05-08T11:23:46.314702 80 / tcp

nginx1.18.0

1788305407 | 2024-05-08T12:15:16.819895 443 / tcp

nginx1.18.0

304016660 | 2024-04-18T17:10:05.742287 3000 / tcp

-1246004407 | 2024-04-16T13:54:18.584348 4000 / tcp

1232748935 | 2024-04-12T13:20:14.861734 5000 / tcp

714811335 | 2024-05-07T16:11:58.310846 6379 / tcp

Redis key-value store7.2.4

Products

Pricing

Contact Us

265454962 | 2024-05-06T03:36:32.216869
22 / tcp

589765266 | 2024-05-08T11:23:46.314702
80 / tcp

1788305407 | 2024-05-08T12:15:16.819895
443 / tcp

304016660 | 2024-04-18T17:10:05.742287
3000 / tcp

-1246004407 | 2024-04-16T13:54:18.584348
4000 / tcp

1232748935 | 2024-04-12T13:20:14.861734
5000 / tcp

714811335 | 2024-05-07T16:11:58.310846
6379 / tcp