GeneralInformation

Hostnames	api.tdl.com.ua
Domains	tdl.com.ua
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

Analytics

CDN

JavaScript libraries

Miscellaneous

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14041	4.3In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

22 80 443 8080

-1309570716 | 2024-04-18T01:24:18.599060

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDEfgTQf7jQnQrGJIy9BnwDNKvK6/wfpoBqmqWgSyr2ogDp
YDhDL8OrkNdgBBW24RxvW0uxFTZ9A/zNzfCUyy7G+UwoAfD/48XuKkNmJnxr5Is953ApeU90o6n9
GKjDL5jujgfD1UV1YEEtbVjqEhygq9Bpv4L3vbVpsetwM6YA3QCFggdNy9KWtKgO/1dRLtluDj2O
wj0rPScXFqx4If7s0kgfzAOFudgrRMjvGg6UDuoZXb28neTqYgHBF5Vnknwm4XBjItKwEiBCaKJ/
YnTXllHzkho9HAsDKX+/g7ERceIRgFpqyI/A1uG4FeJraqDPdJpkKl5zucQGWKcPGtRDvXmqIGRW
uvLPMiwLknGNge9Giv0eWykxI0fBeMHH6Sqt6T1xwghsVsoHP6WnYbqtNxL+gtWBWRHOgZ5mGf4x
ddT95j7WV48QcSHGtgvKYBVI+GYEcAxw//xsNHFW2QBk2s9uxSsrP7LUsiJdysMf4izaoXDJe6eX
bsy/XPC1HQ8=
Fingerprint: 74:53:b4:61:70:f3:bc:4b:47:a3:d3:3a:2b:d4:db:17

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2100514759 | 2024-04-27T05:24:17.413379

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 27 Apr 2024 05:24:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://api.tdl.com.ua/

1460610069 | 2024-04-27T05:24:20.757770

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 27 Apr 2024 05:24:06 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6InlIVkFWbkVDY0NCYkxuWWZ2c3UyZGc9PSIsInZhbHVlIjoiMEpPN1RJMG95QmVmaWtwQ1ZIUHVTRS9VWGhOemh2RjFmMWdIL0tJUDdiM0dKQXEzb3IrTUpiVWMvSm54RHFxM2hqS2kvUXpocVpLRUpVV3gzMGpoTHZXZ3FzTktLckhlZEFqLzZrTlFVWEdsRjZrVmE5ZjFoVTAwbWNxRG1qTlEiLCJtYWMiOiJhYTVhN2EzMjYyNjkyMmQ5ZDM3MmQxZmI3MjllYWJkMTY1YjJiMmUyNGY3MDVjN2Q1ZjAyZWMxZGUwYjcwMjFkIn0%3D; expires=Sat, 27-Apr-2024 07:24:06 GMT; Max-Age=7200; path=/; samesite=lax
Set-Cookie: perevodcik_zya_session=eyJpdiI6ImdmS2oxeEZlc1U1WVhSMXlnem16akE9PSIsInZhbHVlIjoiNnRETG9hcWxjbFZSMHBZaG1VMmlvWmF3VlcxbVpJK3FQRitvMkVDSmZUZ1Z3TW5lTy8za3pMT2hrYWlDTEg4cHBwZHE5L1lWZDNZMC9RVlcwbUJxaEV0V0pqUFY5L1JzdFdtV05BVDV4TlMvYncxOUhkVlMxQ0oxUXJEcmtYSFMiLCJtYWMiOiIzNzYwNmQ4ZmJlZDE1MzZhNmNhNWZmMTk5ZGRkNTc5MGM3MTFjNDM2N2E3ZmFjN2M4YjYxNTI5ZWY3NDQ0Y2ZjIn0%3D; expires=Sat, 27-Apr-2024 07:24:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: block-all-mixed-content
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:15:dc:ee:20:83:bd:94:4c:f7:63:17:c8:40:de:ab:1e:6f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 14 19:40:09 2024 GMT
            Not After : Jun 12 19:40:08 2024 GMT
        Subject: CN=api.tdl.com.ua
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9d:f5:c2:e1:01:5f:b0:15:12:a4:aa:c7:6c:fa:
                    48:7f:8d:f9:46:85:3c:e1:40:e1:c1:b3:f8:18:99:
                    2f:ae:ff:3d:b4:d5:57:92:34:d2:38:11:a4:c1:bd:
                    e0:0d:4c:2e:32:aa:44:00:46:60:74:dc:b6:bf:ce:
                    73:53:74:91:45:fe:ce:64:ca:f3:16:ce:78:25:90:
                    47:39:ec:87:40:fd:9d:7a:d5:48:0f:f8:27:6b:d1:
                    2f:c0:86:dc:be:44:23:a6:63:ca:eb:fe:15:94:f7:
                    e2:87:d9:92:71:5e:13:cb:99:8e:62:25:39:c7:3a:
                    16:d0:9d:6e:1e:f8:0a:36:04:a3:9e:d9:74:62:32:
                    00:20:78:17:ba:67:8f:0d:6f:45:d1:8c:0b:57:36:
                    d3:13:6a:5c:01:e0:a3:7b:74:22:7d:da:42:d2:25:
                    d0:c4:97:11:c3:d5:fc:6b:63:d6:4c:07:84:69:dc:
                    7b:fd:ec:3e:94:20:47:c8:02:93:e1:53:93:5e:d0:
                    c5:73:98:5e:40:21:70:71:36:9f:07:fb:db:58:5d:
                    78:a9:bb:32:0b:b8:33:ec:e5:98:be:98:85:80:eb:
                    13:a0:9b:a4:05:73:53:12:31:c6:9d:fe:ec:d5:7f:
                    82:bb:a7:d5:38:1a:0b:47:21:1c:47:33:6d:df:12:
                    d0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E6:D9:85:AD:8B:38:A0:9A:7E:28:56:21:E5:0C:B3:41:37:1F:F6:B6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.tdl.com.ua
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 14 20:40:09.477 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:4B:41:D6:D6:D6:69:6D:89:6B:CA:B5:08:
                                7D:10:CA:D9:D8:FD:CE:72:88:61:F0:04:6E:29:67:48:
                                17:71:0F:2D:02:21:00:ED:F7:E0:8D:02:80:AF:C2:90:
                                69:2D:A9:55:56:4C:AC:06:1F:BF:98:5F:F9:69:2A:04:
                                96:B8:8B:0E:C8:CF:80
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 14 20:40:09.472 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:91:9F:EA:77:A9:12:95:70:D3:BA:29:
                                04:5B:C8:2C:66:1D:5E:BE:5F:27:39:12:61:7D:40:F8:
                                0B:A6:5E:31:93:02:21:00:C1:41:E7:D7:FA:EC:F2:7C:
                                22:9C:14:46:7B:B1:AA:2A:69:5A:65:77:AF:38:40:BA:
                                9B:B1:00:3D:76:E3:B2:7A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        18:53:92:60:25:79:03:4c:f2:72:83:e6:4b:62:fd:67:5b:24:
        66:8c:58:64:aa:7d:c9:59:ca:db:94:05:10:36:75:b6:88:34:
        cb:a5:62:fd:b6:bf:72:d0:3d:27:c0:f8:4a:25:a2:8d:de:90:
        6d:ac:ff:cb:f3:47:a0:38:4c:d3:8c:41:ea:a6:60:4a:1e:94:
        26:5e:19:75:f6:c2:72:22:44:c2:d6:15:1b:00:0c:da:b5:d9:
        79:62:80:b4:48:da:fe:30:9a:2d:49:50:10:ab:d1:b7:3a:99:
        ac:0f:a6:b2:2a:62:55:0c:c5:90:32:a1:8d:71:e8:50:af:0c:
        4c:70:02:14:b7:a3:f1:29:0c:5a:a1:fb:ee:c7:13:ba:aa:0c:
        fe:0e:22:50:b0:41:7d:a2:3c:d1:eb:9c:42:0a:48:4b:32:fe:
        1d:33:bc:21:eb:24:05:ec:d2:93:02:e3:8d:c2:e0:6f:bd:fd:
        98:82:7f:5a:53:a7:e6:67:f5:62:e8:b0:33:74:87:8d:ef:57:
        09:60:33:d6:04:27:7b:7d:98:66:11:4d:c7:d3:58:ae:3a:8a:
        a1:86:78:36:a6:d4:bb:f5:5d:7d:54:37:d2:cf:0d:f2:9a:08:
        bc:3c:1f:f5:97:a9:54:19:65:85:b1:aa:e4:94:1e:38:41:43:
        ce:f1:21:c2

-1060095501 | 2024-04-23T10:44:48.918403

8080 / tcp

HTTP/1.1 404 Not Found
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 139
Date: Tue, 23 Apr 2024 10:44:48 GMT
Connection: keep-alive

46.101.221.250

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1309570716 | 2024-04-18T01:24:18.599060
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-2100514759 | 2024-04-27T05:24:17.413379
80 / tcp

nginx

1460610069 | 2024-04-27T05:24:20.757770
443 / tcp

nginx

-1060095501 | 2024-04-23T10:44:48.918403
8080 / tcp

Products

Pricing

Contact Us

46.101.221.250

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1309570716 | 2024-04-18T01:24:18.599060 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-2100514759 | 2024-04-27T05:24:17.413379 80 / tcp

nginx

1460610069 | 2024-04-27T05:24:20.757770 443 / tcp

nginx

-1060095501 | 2024-04-23T10:44:48.918403 8080 / tcp

Products

Pricing

Contact Us

-1309570716 | 2024-04-18T01:24:18.599060
22 / tcp

-2100514759 | 2024-04-27T05:24:17.413379
80 / tcp

1460610069 | 2024-04-27T05:24:20.757770
443 / tcp

-1060095501 | 2024-04-23T10:44:48.918403
8080 / tcp