Hetzner/Linode were MITMing their client(jabber.ru): https://notes.valdikss.org.ru/jabber.ru-mitm/

Was it Hetzner, or was it an attacker hosting on Hetzner/Linode?

	▲	direwolf20 3 hours ago \| parent [-]
		It was the German equivalent of the NSA, with the German equivalent of a National Security Letter, sent to Hetzner to force them to intercept this customer's traffic. The same thing happens in the USA.