GeneralInformation

Hostnames	de-hz-fal-external.rautemusik.fm
Domains	rautemusik.fm
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 22 80 123 443 3306 9100

997926194 | 2024-05-19T14:48:33.132946

21 / tcp

220 ProFTPD Server (Debian) [::ffff:94.130.245.36]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO    RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
214-ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
214-STOR    STOU    APPE    REST    ABOR    RANG    USER    PASS    
214-ACCT*   REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@DE-HZ-FAL-EXTERNAL.RauteMusik.FM
211-Features:
211-CLNT
211-EPRT
211-EPSV
211-HOST
211-LANG en-US.UTF-8*;en-US;ru-RU.UTF-8;ru-RU
211-MDTM
211-MFF modify;UNIX.group;UNIX.mode;
211-MFMT
211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
211-RANG STREAM
211-REST STREAM
211-SITE COPY
211-SITE MKDIR
211-SITE RMDIR
211-SITE SYMLINK
211-SITE UTIME
211-SIZE
211-TVFS
211-UTF8
211 End

528119014 | 2024-05-21T07:57:54.371609

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCy1lsCWmTTaHKOgDdr5xb/IVJvXcP9N+dpGjwYpiWv+D5B
a2dzQfiNzjSF4cQ5STYLj5xf1xmO8bmhewUQmlMe1BQNGadMYjZF8HJx5LFepJfFx/TYy9gOjkEC
rpeLWX4noXonS/UVUCil9MeY4ruKO9OaRx3AaFUDbDs7b1/vsVdRA4+y6NSlThTwdkxhe8sytG+3
bYKsyspRCSOS4VKU6nWcMjMWXoexy8ceYEauqxj36IHPQU8bCUyg6bl5QdbwM/ibH61Xe+y55bBU
LDxc/jH3kzu3BxHITnTo2RN9Rc7EB+LUapxdRdYfd9YNEVUkeHqYju3gCuqr0ZeRtmnf
Fingerprint: f0:27:45:50:ea:1a:ce:64:9a:bc:de:88:1c:6e:9c:83

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1671440734 | 2024-05-13T01:24:13.499086

80 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Mon, 13 May 2024 01:24:12 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://94.130.245.36/

52094501 | 2024-05-13T04:04:18.644234

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -22
rootdelay: 0.00868225097656
rootdisp: 0.0365600585938
refid: 2210137055
reftime: 3924560510.8
poll: 3

832999043 | 2024-05-19T16:11:51.140975

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 19 May 2024 16:11:50 GMT
Content-Type: text/html
Content-Length: 91
Last-Modified: Sat, 13 Jul 2019 17:19:29 GMT
Connection: keep-alive
ETag: "5d2a12a1-5b"
Strict-Transport-Security: max-age=15768000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:73:2b:f3:5a:f9:cd:42:a5:3d:35:d3:7c:cd:ec:08:84:11
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 27 08:12:01 2024 GMT
            Not After : Jun 25 08:12:00 2024 GMT
        Subject: CN=*.rautemusik.fm
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:c7:5a:74:0a:94:ba:77:55:4d:8c:96:9e:4b:a6:
                    ef:9a:78:46:52:c6:1c:e2:15:77:72:b3:d6:68:3d:
                    2b:1a:c1:cf:d5:99:cf:6f:54:1a:61:5f:f3:d0:d5:
                    6c:4a:2b:22:cf:7d:3f:7c:7d:3d:d4:3c:ce:84:1a:
                    c3:ec:e0:6d:55
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                69:A8:01:74:AC:16:E1:20:96:D4:B6:4C:D1:CC:F8:43:88:7A:00:3A
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.rautemusik.fm
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 27 09:12:02.077 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D4:D5:BE:56:AF:94:C3:9A:A7:EC:AC:
                                78:C8:CC:FC:6E:0F:BE:03:26:09:2E:1B:DB:31:32:73:
                                7F:B3:34:75:5A:02:21:00:BA:FD:F1:DD:3B:F8:9F:68:
                                B9:80:0F:7D:40:BC:1B:CB:63:83:E8:0B:6E:0C:2F:E0:
                                20:4D:EB:69:0A:19:7B:1D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 27 09:12:02.096 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:3D:90:09:DB:02:54:F5:B2:F8:95:52:D9:
                                99:5B:64:37:DE:72:91:55:48:E4:EE:09:FE:B4:22:FD:
                                28:A3:CD:9C:02:20:2A:6E:43:97:F3:AA:80:CE:6D:A5:
                                6C:AA:07:B2:07:58:E3:FE:C4:81:9B:F7:5F:96:22:45:
                                49:22:29:71:9B:B6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        92:14:0b:6d:90:9e:ce:8b:c8:6e:f4:15:c2:08:de:c0:49:d6:
        a4:33:19:c3:32:b6:86:f7:9a:a7:c8:f5:1f:e5:3d:d0:7f:60:
        cf:8b:bf:58:9b:4f:1a:47:cc:0e:93:bd:fd:5f:7b:fd:79:18:
        85:b8:83:67:7c:1d:b5:06:8f:06:1f:53:78:78:a2:71:d7:f0:
        15:39:4f:3a:c9:d8:d4:14:10:24:0e:2b:09:df:10:c9:37:5e:
        9a:93:9b:e3:c2:ad:df:a3:25:ac:65:12:73:bd:64:58:18:c7:
        85:8e:70:c1:3a:c1:9d:b2:ef:3d:23:80:81:9d:59:b2:01:71:
        be:02:70:60:43:28:05:c7:51:61:e6:fe:88:63:f8:1b:7f:a3:
        e5:f5:98:79:fe:d5:26:cf:6e:93:81:4d:18:9f:c3:0b:bf:74:
        68:96:38:8b:89:c1:09:8a:a2:49:d6:9e:7e:28:a4:c2:84:6f:
        46:a0:d5:82:98:21:e5:02:36:57:9b:a7:e9:b6:1e:e9:61:d5:
        25:c6:a6:6c:a2:77:d3:c9:b9:ac:6f:28:46:5b:f2:8d:13:00:
        f2:45:1e:4a:91:22:87:bc:cb:cb:47:66:97:b0:69:34:48:60:
        28:2b:2c:ba:d7:17:6c:f4:b3:5e:da:bc:bc:db:54:9b:9c:60:
        c2:6a:e7:f3

468769230 | 2024-05-12T14:28:25.280408

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.5.23-MariaDB-0+deb11u1
  Capabilities: 63486
  Server Language: 45
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

-1675418583 | 2024-05-17T21:43:40.042086

9100 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request

94.130.245.36

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

997926194 | 2024-05-19T14:48:33.132946
21 / tcp

528119014 | 2024-05-21T07:57:54.371609
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-1671440734 | 2024-05-13T01:24:13.499086
80 / tcp

nginx1.18.0

52094501 | 2024-05-13T04:04:18.644234
123 / udp

832999043 | 2024-05-19T16:11:51.140975
443 / tcp

nginx1.18.0

468769230 | 2024-05-12T14:28:25.280408
3306 / tcp

MariaDB10.5.23-MariaDB-0+deb11u1

-1675418583 | 2024-05-17T21:43:40.042086
9100 / tcp

Products

Pricing

Contact Us

94.130.245.36

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

997926194 | 2024-05-19T14:48:33.132946 21 / tcp

528119014 | 2024-05-21T07:57:54.371609 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-1671440734 | 2024-05-13T01:24:13.499086 80 / tcp

nginx1.18.0

52094501 | 2024-05-13T04:04:18.644234 123 / udp

832999043 | 2024-05-19T16:11:51.140975 443 / tcp

nginx1.18.0

468769230 | 2024-05-12T14:28:25.280408 3306 / tcp

MariaDB10.5.23-MariaDB-0+deb11u1

-1675418583 | 2024-05-17T21:43:40.042086 9100 / tcp

Products

Pricing

Contact Us

997926194 | 2024-05-19T14:48:33.132946
21 / tcp

528119014 | 2024-05-21T07:57:54.371609
22 / tcp

-1671440734 | 2024-05-13T01:24:13.499086
80 / tcp

52094501 | 2024-05-13T04:04:18.644234
123 / udp

832999043 | 2024-05-19T16:11:51.140975
443 / tcp

468769230 | 2024-05-12T14:28:25.280408
3306 / tcp

-1675418583 | 2024-05-17T21:43:40.042086
9100 / tcp