GeneralInformation

Hostnames	shop.alufefa.at static.202.146.201.195.clients.your-server.de
Domains	alufefa.at your-server.de
Country	Germany
City	Nürnberg
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Ubuntu

WebTechnologies

JavaScript frameworks

RequireJS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

80 443

80 / tcp

677579724 | 2025-01-19T18:05:59.573449

Hashes

hash

688708428

http.dom_hash

1239617585

http.html_hash

677579724

http.server_hash

967792298

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 19 Jan 2025 18:05:59 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618

443 / tcp

373414015 | 2024-12-30T19:42:49.227604

Hashes

hash

-598856890

http.dom_hash

-1447874869

http.favicon.hash

1081002156

http.html_hash

373414015

http.server_hash

967792298

http.title_hash

208125347

Willkommen | ALUFEFA SHOP

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 30 Dec 2024 19:42:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=4a7jut8ps7su8cuq074eujkdnp; expires=Mon, 30-Dec-2024 20:42:49 GMT; Max-Age=3600; path=/; domain=shop.alufefa.at; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Fri, 29 Dec 2023 22:10:02 GMT
Content-Security-Policy-Report-Only: font-src *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.fontawesome.com unsafe-inline assets.braintreegateway.com https://fast.fonts.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:bc:b5:d0:cf:47:e1:6c:26:8d:af:b8:dc:32:51:f6:85:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Nov 26 11:26:54 2024 GMT
            Not After : Feb 24 11:26:53 2025 GMT
        Subject: CN=shop.alufefa.at
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:db:36:19:46:cd:9c:21:d0:7b:b0:9f:78:63:41:
                    6a:42:01:43:89:c4:fd:1c:ee:f0:73:a6:02:c7:ee:
                    fd:39:9e:5f:d3:b2:0c:18:79:d7:72:1c:2b:a8:70:
                    c0:07:6d:57:dc:d9:10:b2:67:5d:be:64:ba:e9:f3:
                    0f:0f:cd:74:05:32:74:a6:fd:01:33:20:55:0c:1c:
                    0b:b0:20:29:07:63:86:0d:4b:11:c7:8a:f5:33:df:
                    10:1e:34:7d:60:c7:b7:76:f2:aa:ea:5a:ff:7b:40:
                    99:18:b9:25:ec:64:15:0d:37:84:16:6f:87:aa:d8:
                    02:a9:54:81:13:6e:62:28:e4:d4:bd:5f:e1:26:b0:
                    76:ce:77:97:3e:dd:7e:f7:67:c3:8e:f9:ae:9b:56:
                    03:44:5d:ed:d8:a3:b4:33:be:02:f1:2a:78:61:80:
                    69:a0:8d:8c:58:4a:a1:4d:a1:38:95:d5:06:3d:87:
                    cb:52:64:37:f5:ad:20:98:7b:43:00:b1:da:00:b7:
                    af:72:f9:c5:88:b5:88:9b:8c:c6:1f:dd:6d:85:f6:
                    ed:aa:84:0b:61:1f:f6:2d:72:21:e5:16:e7:30:9e:
                    8a:a6:3e:86:ac:fd:01:15:2a:27:53:bc:bb:8c:10:
                    f4:fd:7d:e9:93:33:a4:6b:d1:ea:ed:51:6f:05:6e:
                    79:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B0:EC:88:4B:CD:CA:BD:D8:C0:79:65:DF:5C:D0:20:7E:93:BF:6F:2F
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:shop.alufefa.at
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Nov 26 12:25:24.195 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CB:55:4E:05:D1:C2:24:E0:D4:11:05:
                                50:BB:1C:94:BD:24:5D:9B:02:98:4D:13:0E:48:3E:3A:
                                C0:06:A0:9E:54:02:20:2F:6B:D9:07:5E:EF:91:37:FE:
                                AB:19:35:17:05:3E:BC:64:72:D1:EA:9E:64:1E:16:E0:
                                97:AC:78:73:FC:01:57
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Nov 26 12:25:24.236 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A4:82:11:F6:F5:55:8A:48:85:E1:6B:
                                4C:BD:46:77:FC:8E:36:D6:39:7E:B0:F8:FB:2E:2C:98:
                                43:A5:D3:39:03:02:21:00:EB:62:1C:42:26:2C:56:F0:
                                C8:1F:17:C9:38:6F:33:C2:AA:C1:BC:47:2D:EF:42:88:
                                E2:A6:BB:54:BC:65:BD:16
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ac:46:02:9f:de:1a:21:33:9c:3e:6c:f3:58:c5:10:74:24:89:
        fa:ff:79:a8:32:dc:91:97:83:f6:76:df:40:f9:22:7d:36:eb:
        b5:2a:03:a7:8e:01:bd:0e:cc:a7:78:e2:45:df:0d:61:9e:23:
        e1:98:72:f8:64:91:49:63:7c:74:43:9e:2a:c4:b1:3e:60:55:
        f6:26:9e:02:87:53:76:85:23:70:7a:0a:28:c4:04:72:2c:27:
        85:5c:0c:26:4d:22:55:9f:ae:fd:66:56:09:0f:72:dd:60:36:
        50:15:fb:1c:56:bf:24:33:d1:93:db:48:7d:93:d5:8d:01:ed:
        9f:a4:cd:fc:23:7a:2f:58:26:08:1a:1d:d4:9e:f3:30:78:a2:
        87:5c:29:5e:70:99:eb:3e:95:77:8b:15:7c:a9:08:e4:10:b2:
        ba:3d:6d:eb:46:de:25:b9:a7:12:09:fc:9d:73:8d:67:b1:5c:
        0b:e7:93:67:bb:11:50:16:b1:aa:2a:de:c9:df:3e:f0:25:5b:
        00:32:b7:f3:00:1f:e2:c4:89:05:e2:30:1e:08:30:e9:c1:42:
        61:cf:1f:bf:c4:cd:f5:be:13:ab:15:b8:16:a6:ca:7d:80:d9:
        eb:e5:40:b3:84:13:7a:9e:f2:c7:4a:f1:f8:d9:b0:aa:6c:d0:
        8b:a7:23:58

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618

195.201.146.202

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

677579724 | 2025-01-19T18:05:59.573449

Hashes

nginx1.18.0

443 / tcp

373414015 | 2024-12-30T19:42:49.227604

Hashes

nginx1.18.0

Products

Pricing

Contact Us

195.201.146.202

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp 677579724 | 2025-01-19T18:05:59.573449

Hashes

nginx1.18.0

443 / tcp 373414015 | 2024-12-30T19:42:49.227604

Hashes

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

677579724 | 2025-01-19T18:05:59.573449

443 / tcp

373414015 | 2024-12-30T19:42:49.227604