My daily job duties brought me (by mistake) to the following IP: 52.63.96.32
It appears the registrar has signed with a single certificate a "lot" of domain. https://www.shodan.io/host/52.63.96.32
Am am right to assume that:
- This is information leakage, it discloses websites that aren't advertised on search engines.
- The virtual web-servers all share the same VM The virtual web-servers all use the same certificate. therefore if the private key can be leaked/disclosed by one web server using an insecure SSL/TLS protocol.
- Each customer should be concerned as this is potentially vulnerable to Meldown/Spectre ?
Also, If one of this website was to be compromised (Injection or XSS). Does it compromise other websites ?
And finally, Should I have any concerns if my company was hosting a website on this server ?