GeneralInformation

Hostnames	plezi.cisel4you.ch 163-172-70-254.rev.poneytelecom.eu
Domains	cisel4you.ch poneytelecom.eu
Country	France
City	Paris
Organization	Scaleway Dedibox - Paris, France
ISP	SCALEWAY S.A.S.
ASN	AS12876

WebTechnologies

JavaScript libraries

jQuery

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

326604869 | 2024-04-25T03:30:08.910911

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.19.6
Date: Thu, 25 Apr 2024 03:30:08 GMT
Content-Type: text/html
Content-Length: 702
Last-Modified: Tue, 07 Aug 2018 17:53:18 GMT
Connection: keep-alive
ETag: "5b69dc8e-2be"
Accept-Ranges: bytes

1701879467 | 2024-04-18T16:14:45.376817

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.19.6
Date: Thu, 18 Apr 2024 16:14:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: W/"cd809ba1beb8ad15f4a254be6844360f"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _session_id=e8ca0357f3085f9c30ef11fe2e7e0b68; path=/; secure; HttpOnly
X-Request-Id: a6f8d9fc-cca2-4c8a-a20b-82034d143086
X-Runtime: 0.037019
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
X-UA-Compatible: IE=Edge,chrome=1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:2d:fe:fc:ab:2b:79:f5:81:40:c3:95:2d:29:23:48:40:23
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 16 14:52:49 2021 GMT
            Not After : Jul 15 14:52:49 2021 GMT
        Subject: CN=plezi.cisel4you.ch
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e7:98:fb:5f:b7:9c:57:5f:44:c5:bb:3f:01:41:
                    79:08:b1:ad:1b:9e:9a:a1:46:59:9a:2c:66:02:41:
                    c0:fa:57:c3:96:bf:c0:b5:f7:6e:74:bb:d7:91:71:
                    a7:98:c3:1f:8d:c7:b9:7e:32:d8:a7:38:96:cf:9f:
                    c9:0b:3e:00:56:8e:d7:5e:51:9f:d0:c7:22:70:68:
                    90:84:8e:42:18:7c:f7:28:b1:52:83:4b:69:bb:85:
                    85:a8:d3:bb:17:6d:c7:38:84:98:44:37:c1:a8:a4:
                    82:40:44:8b:ed:d1:16:db:ce:e2:63:9b:25:2e:bf:
                    f1:11:66:43:25:c9:a7:08:74:3f:04:eb:48:1b:f3:
                    03:df:c0:3d:ce:e5:fa:9b:80:d3:26:f2:88:88:b5:
                    e6:00:7f:12:40:01:6f:c4:ee:75:ef:9e:be:b6:73:
                    e3:74:63:a6:74:16:00:6d:a8:50:55:b5:73:d0:83:
                    2d:22:5c:b9:dc:2c:2e:84:1b:a4:80:02:4c:b3:6e:
                    52:f9:b4:9f:eb:09:78:bf:3f:cb:75:55:9e:a4:94:
                    fd:67:fc:e8:69:13:3c:ec:eb:e6:d5:90:72:2d:53:
                    c7:4b:a5:6b:5b:90:03:18:90:76:ba:36:e8:f0:b5:
                    c5:9d:5e:ad:fa:a0:99:3f:43:d6:4d:e2:d1:ec:fa:
                    a3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                ED:7E:FB:4E:BD:42:7B:BB:5E:44:A8:71:6C:62:93:06:11:EB:A3:51
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:plezi.cisel4you.ch
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
                                DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
                    Timestamp : Apr 16 15:52:49.695 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A8:EB:A7:DB:81:04:AA:45:92:BD:C7:
                                B9:C1:02:CF:3C:6B:E4:D1:C9:4F:37:9D:5D:E0:AF:C8:
                                62:E7:58:B5:F2:02:20:58:09:7C:81:22:AD:D3:CB:BA:
                                09:86:2E:D5:42:D1:9C:62:53:A0:13:67:05:34:02:44:
                                22:5F:BD:E4:8C:47:7A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
                                E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
                    Timestamp : Apr 16 15:52:49.668 2021 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E3:07:6A:63:32:40:DA:63:C3:58:9A:
                                ED:04:B7:EF:2A:11:AE:A9:BB:19:89:B2:6A:BA:E9:54:
                                A7:AA:08:C5:87:02:20:20:F5:53:E5:F3:F3:91:CC:26:
                                79:57:14:B5:F8:7B:C6:5C:8B:2F:DA:C0:C9:B9:B2:C5:
                                A2:D4:C4:B3:FD:BB:A4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        93:6d:f4:6f:01:61:26:2d:16:12:fd:84:1a:83:24:39:18:7d:
        cd:5b:f9:24:d0:29:83:c0:8e:b4:59:3f:4c:e4:f8:87:2a:c3:
        69:02:ba:65:de:36:ab:23:a7:b3:f2:60:06:a6:61:94:56:43:
        b6:3a:3c:59:eb:a6:fe:aa:ee:d3:cd:cc:ae:0d:17:64:55:e0:
        50:9d:c5:1a:81:77:98:c5:d5:d6:da:7e:1a:e1:63:5e:61:bc:
        a8:b7:cb:b5:0e:90:ee:f2:4b:b8:41:33:13:bd:74:3e:14:0b:
        0a:28:20:b0:11:c5:45:ad:e2:ca:94:d0:9e:bd:7e:91:24:bb:
        1d:da:99:37:6d:98:9c:cb:ca:10:9a:e6:0f:32:dc:f7:d2:8e:
        61:30:97:16:11:34:6d:4a:76:7f:41:fb:9b:0e:8d:51:0d:a7:
        2f:6a:ca:4a:58:6d:f1:8f:fd:eb:05:17:cc:b3:e4:b0:a4:66:
        58:52:c7:1f:ae:1d:41:d5:fe:6b:d6:f9:6c:ba:15:af:9a:ad:
        9c:7a:c2:13:d2:1f:ca:d2:d2:2c:83:62:c5:b6:71:67:00:2a:
        2e:04:cc:a3:d2:a0:91:1a:b5:27:d5:16:95:57:1a:9c:ff:32:
        60:41:be:fd:7e:f0:ce:e3:b6:9b:e3:4b:fa:d7:52:72:53:f7:
        38:7c:71:11

163.172.70.254

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

326604869 | 2024-04-25T03:30:08.910911
80 / tcp

nginx1.19.6

1701879467 | 2024-04-18T16:14:45.376817
443 / tcp

nginx1.19.6

Products

Pricing

Contact Us

163.172.70.254

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

326604869 | 2024-04-25T03:30:08.910911 80 / tcp

nginx1.19.6

1701879467 | 2024-04-18T16:14:45.376817 443 / tcp

nginx1.19.6

Products

Pricing

Contact Us

326604869 | 2024-04-25T03:30:08.910911
80 / tcp

1701879467 | 2024-04-18T16:14:45.376817
443 / tcp