GeneralInformation

Hostnames	vds-cb97382.timeweb.ru
Domains	timeweb.ru
Country	Russian Federation
City	Saint Petersburg
Organization	TimeWeb Ltd.
ISP	TimeWeb Ltd.
ASN	AS9123
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

80 / tcp

677579724 | 2025-02-27T13:19:04.553793

Hashes

hash

1824252629

http.dom_hash

1239617585

http.html_hash

677579724

http.server_hash

967792298

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 27 Feb 2025 13:19:04 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

Vulnerabilities

443 / tcp

1877539952 | 2025-02-23T16:07:34.926193

Hashes

hash

-206378820

http.dom_hash

-1624293029

http.html_hash

1877539952

http.server_hash

967792298

http.title_hash

-1525222997

Welcome to your Strapi app

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 23 Feb 2025 16:07:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
X-Powered-By: Strapi <strapi.io>
Expires: Sun, 23 Feb 2025 16:07:33 GMT
Cache-Control: no-cache

Vulnerabilities

46.19.67.215

Last Seen: 2025-02-27

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

80 / tcp

677579724 | 2025-02-27T13:19:04.553793

Hashes

nginx1.18.0

443 / tcp

1877539952 | 2025-02-23T16:07:34.926193

Hashes

nginx1.18.0

Products

Pricing

Contact Us

46.19.67.215

Last Seen: 2025-02-27

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp 677579724 | 2025-02-27T13:19:04.553793

Hashes

nginx1.18.0

443 / tcp 1877539952 | 2025-02-23T16:07:34.926193

Hashes

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

677579724 | 2025-02-27T13:19:04.553793

443 / tcp

1877539952 | 2025-02-23T16:07:34.926193