GeneralInformation

Hostnames	promofit.brushyourideas.com static.113.3.27.37.clients.your-server.de
Domains	brushyourideas.com your-server.de
Country	Finland
City	Helsinki
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Ubuntu

WebTechnologies

JavaScript frameworks

RequireJS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

80 443

1651973090 | 2025-01-16T11:02:50.744348

80 / tcp

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 Jan 2025 11:02:50 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 12 Sep 2023 10:00:07 GMT
Connection: keep-alive
ETag: "650036a7-264"
Accept-Ranges: bytes

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618

-1287941600 | 2025-01-19T09:03:45.308521

443 / tcp

Home page

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 19 Jan 2025 09:03:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=cpjvsr6pr5m144cummbjkv3g54; expires=Sun, 19 Jan 2025 10:03:45 GMT; Max-Age=3600; path=/; domain=promofit.brushyourideas.com; secure; HttpOnly; SameSite=Lax
X-Magento-Cache-Control: max-age=86400, public, s-maxage=86400
X-Magento-Tags: cat_c,cat_c_5,store,cms_b,mp_smtp_script,cms_p_2,FPC
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Fri, 19 Jan 2024 05:17:23 GMT
X-Magento-Cache-Debug: HIT
Content-Security-Policy-Report-Only: font-src *.cloudfront.net *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.cloudfront.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io blob: *.cloudfront.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.facebook.net *.cloudfront.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudfront.net *.fontawesome.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.cloudfront.net https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:44:79:6d:e9:1e:7f:ee:52:41:eb:c3:3c:74:59:b3:b9:d4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Jan  7 08:42:31 2025 GMT
            Not After : Apr  7 08:42:30 2025 GMT
        Subject: CN=promofit.brushyourideas.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:92:73:09:3c:50:12:31:c2:66:ac:67:c0:b8:dc:
                    38:d9:67:01:de:6a:34:fe:1a:ae:6c:c4:a5:d1:45:
                    5e:fc:c7:a5:93:4e:4d:10:5a:e1:08:c4:ad:f6:8c:
                    c6:c0:43:a9:2b:f6:e2:fa:55:28:7d:36:f8:90:7a:
                    1a:65:68:32:39:90:40:4b:29:61:57:0d:ad:6e:a3:
                    40:8b:58:39:f2:02:74:b8:42:b2:23:63:14:a7:da:
                    c5:41:fd:24:77:d2:89:c4:ef:aa:4d:0b:31:72:64:
                    c7:44:41:40:84:76:1d:98:c3:16:ae:8c:89:f4:50:
                    af:f8:fe:a2:cc:5f:5b:c6:66:2f:16:b4:ec:bd:74:
                    c9:95:32:4c:22:b1:96:df:61:49:6e:67:2d:f3:fa:
                    87:44:d9:5b:2a:a3:52:b9:a2:73:56:eb:1b:3b:d8:
                    77:5a:25:1b:a5:4d:99:53:5a:4c:29:e0:2b:5d:37:
                    d6:cf:fd:96:b3:1e:13:6b:16:6c:8e:e1:91:11:6f:
                    54:ba:fd:e4:02:ae:6e:32:f7:56:0d:4e:71:fd:7f:
                    5c:88:7a:5c:71:dd:5d:62:bc:c1:17:72:35:49:39:
                    63:4b:74:d1:c0:05:3c:29:3e:7b:81:80:a0:b5:21:
                    d6:76:c7:33:95:96:e1:f6:f2:d3:ea:e0:c9:8b:14:
                    cf:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                57:0C:F6:1C:F6:14:55:6A:71:88:53:AF:8D:E1:71:F8:C9:D7:17:AC
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:promofit.brushyourideas.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan  7 09:41:02.190 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:05:DE:E5:E4:35:63:86:19:DC:2B:1A:12:
                                22:0F:07:A6:BB:D2:0C:35:73:50:A3:B0:FC:5A:7D:5B:
                                FC:AB:38:B2:02:20:1E:B0:5D:52:09:30:44:C2:C5:07:
                                F2:9A:08:85:DC:B1:50:AC:81:53:84:BD:58:48:85:DC:
                                A4:8B:2F:50:9D:E5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Jan  7 09:41:02.261 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8A:FE:5C:4D:F0:A3:06:3E:6B:13:F5:
                                A1:8A:2E:07:C7:76:49:B9:42:BF:FD:DD:71:83:5D:09:
                                DD:91:17:E6:BE:02:20:5D:E0:B5:58:EF:F3:1E:83:2B:
                                94:02:E3:B7:C5:58:99:9D:76:E5:16:BD:20:22:6D:85:
                                2A:63:14:53:48:DF:39
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        69:06:d9:ba:db:16:c3:cb:b8:9f:e9:53:35:16:95:51:bd:9a:
        10:75:6c:7b:19:87:01:ae:89:21:25:ca:a2:d8:a9:2b:10:60:
        92:3b:30:68:7b:0e:77:6c:e3:8c:99:30:bb:72:a2:7d:64:e6:
        33:a2:e2:6e:c0:9d:1c:0a:92:58:fa:9f:16:df:e9:a3:92:43:
        9d:3e:4a:79:50:2b:e1:ca:ed:b7:3d:1a:eb:cb:89:ad:a2:0b:
        7d:29:c3:89:87:20:5c:e3:6b:5f:78:fb:59:f4:42:c7:ba:64:
        a7:83:59:0a:a2:89:ea:58:88:c1:d0:bf:56:86:ad:57:9d:f3:
        ee:90:3e:79:ea:db:92:ca:eb:f0:2f:6a:ef:c1:b0:dd:5e:ec:
        d2:7b:f1:f6:5d:e6:f4:35:ca:97:f5:f2:c4:4b:a6:52:d7:9a:
        40:e7:4b:0f:7a:d6:d2:86:29:09:73:b8:fe:22:f9:c4:cb:ec:
        3c:d5:f9:9c:e5:ac:ee:33:47:e8:10:e2:70:39:58:a2:47:8d:
        9c:9b:27:23:df:98:07:11:cf:5c:a3:2a:1d:dd:44:2b:68:48:
        ad:36:08:b5:84:0f:aa:71:89:6a:47:cf:1e:ed:35:41:d6:43:
        01:30:a9:03:cd:88:c4:e2:3a:61:ae:cd:45:6f:5a:e9:f0:2e:
        dd:58:40:78

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618

37.27.3.113

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1651973090 | 2025-01-16T11:02:50.744348
80 / tcp

nginx1.18.0

-1287941600 | 2025-01-19T09:03:45.308521
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

37.27.3.113

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

1651973090 | 2025-01-16T11:02:50.744348 80 / tcp

nginx1.18.0

-1287941600 | 2025-01-19T09:03:45.308521 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

1651973090 | 2025-01-16T11:02:50.744348
80 / tcp

-1287941600 | 2025-01-19T09:03:45.308521
443 / tcp