GeneralInformation

Hostnames	ttsvisas.com
Domains	ttsvisas.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

CDN

Google Hosted Libraries

JavaScript libraries

jQuery1.8.2

Miscellaneous

HTTP/3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

80 443 2083 2086 2087 8080 8443 8880

-863571086 | 2024-04-27T05:14:29.453147

80 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 27 Apr 2024 05:14:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ac544dd9840fe5-LAX

1623934309 | 2024-04-27T00:15:31.800424

443 / tcp

HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 00:15:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Nov 2018 06:56:06 GMT
Vary: Accept-Encoding
X-Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQ5JB2gKDQ0myKNNAL3UAy1IZCMAgB7IxdTdGoPb7IaEIl2gfVSBQ9j1rH7vTMJvUPFyAMWHy4AlPpztPfUEfPlr31%2F65o%2BxAvK4m5wNb7gMlXPb5D8g5AG%2FGMyrnE7hR2hH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa9e580dfa15d0-SJC
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b8:f1:ce:66:1a:71:fd:75:11:8b:d2:8f:86:e3:ae:97
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: Mar 21 06:26:29 2024 GMT
            Not After : Jun 19 06:26:28 2024 GMT
        Subject: CN=ttsvisas.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:89:56:17:a0:19:67:a6:f3:df:69:5c:5b:4d:54:
                    06:25:13:6e:4b:6e:df:12:9e:cf:f4:e3:7a:fa:00:
                    fe:e9:d8:be:91:ca:62:62:ff:aa:70:cf:8b:1c:2a:
                    4c:67:f0:8e:ea:2a:b2:b7:79:f9:d7:c5:bf:21:bc:
                    48:1a:38:a6:2e:f8:b7:23:7b:56:10:b7:3d:65:8a:
                    31:16:e9:f0:91:69:0a:6b:3b:3e:a1:10:0d:c3:58:
                    2f:5a:c7:2f:2b:79:88:d8:ab:97:50:6a:38:99:5c:
                    b4:1f:e5:4c:53:17:0a:cb:a7:90:db:be:28:06:32:
                    fc:47:e5:2d:42:e2:fd:74:b4:82:8a:88:b1:14:4f:
                    33:70:6b:c8:46:14:33:5d:1d:53:b7:72:90:48:b5:
                    ac:d6:f3:5b:0a:56:4d:9a:e9:49:75:65:2f:ca:ef:
                    92:77:c2:a6:ce:23:9d:7f:ea:78:e7:24:3f:1b:9b:
                    11:87:a2:a5:78:30:1d:b5:0f:fa:13:eb:1c:37:6f:
                    47:46:21:a5:4f:fc:ac:c7:44:b7:5f:1c:fb:9a:57:
                    fd:79:c8:19:00:43:65:34:60:4a:0b:38:e3:15:0c:
                    57:39:cd:fc:81:90:2b:51:8e:07:05:07:53:77:49:
                    65:64:68:c6:e7:a9:d1:3c:9f:91:a7:c1:58:f7:83:
                    91:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FE:F8:68:71:C8:EA:EA:5D:5E:27:C4:6C:88:6B:3C:DB:3F:78:16:87
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/1GhH7JKY4ps
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:ttsvisas.com, DNS:*.ttsvisas.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/BqBr202iu30.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 21 07:26:30.899 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0E:14:34:25:CA:E0:A6:3A:8D:A6:6F:7E:
                                F6:A0:F5:C2:5E:EF:2C:D2:B2:F5:52:A8:8E:30:3F:3C:
                                8C:0D:35:ED:02:20:68:04:C1:E0:D2:56:FD:B7:4A:40:
                                12:AA:46:86:4E:25:59:1F:4F:47:9D:A9:A5:BC:F4:74:
                                0D:D7:99:F9:E8:94
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 21 07:26:30.884 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:30:1C:72:2A:1F:7F:DA:58:8B:FD:
                                EE:E4:55:E6:37:66:58:65:2B:3E:BB:40:28:70:99:28:
                                6D:98:62:B8:46:02:21:00:E7:03:FD:B9:93:3E:A7:F9:
                                F7:04:EE:92:1E:13:DD:70:67:4D:A8:72:97:9F:20:7B:
                                45:07:94:63:1D:4B:DF:AF
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        69:62:87:61:b9:3e:d8:aa:a7:ae:18:cb:2f:26:1a:b7:a9:03:
        db:08:3d:f8:b4:41:21:95:49:59:e1:b2:e7:88:31:95:65:0c:
        59:50:e4:77:81:f7:66:ec:1d:1e:fe:4e:fd:0a:70:c9:ea:1a:
        8b:70:61:57:5d:2f:21:3e:7a:f7:f1:a7:fc:97:1b:6c:20:64:
        ac:8f:63:0b:26:15:8f:24:e5:03:fb:84:fa:8a:47:e2:19:bb:
        69:2c:d0:4c:89:0a:8d:8b:72:d0:28:a3:ed:f0:e7:6f:1b:ed:
        1e:72:e9:3a:bf:fb:28:5c:e2:e3:fd:44:7c:fc:58:06:2c:4b:
        7d:b8:da:fc:b9:4a:f5:81:1d:21:d3:86:03:5c:fb:11:09:37:
        87:89:92:73:80:6f:f0:74:d4:82:9b:c1:06:6c:40:76:63:57:
        d3:53:6e:49:e9:e7:6c:e5:53:f5:ac:61:80:11:42:f2:f9:a9:
        5d:63:e2:4a:6f:2a:15:f1:14:60:fc:82:58:95:01:f7:55:e2:
        c7:ce:68:11:43:a7:09:88:28:5f:29:8e:21:8b:75:c3:4d:b3:
        89:ee:63:6d:9b:a3:91:43:e1:76:51:a2:35:f4:a3:7f:3c:a4:
        71:01:7d:af:81:ae:3f:4c:77:6d:38:0d:0f:e0:43:4d:e5:8b:
        12:d6:07:b4

141477257 | 2024-04-20T02:02:27.844560

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 20 Apr 2024 02:02:27 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1929862714 | 2024-04-03T06:54:58.217291

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 03 Apr 2024 06:54:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86e7267dcb531c14-AMS

835487299 | 2024-04-16T05:05:44.600498

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 16 Apr 2024 05:05:44 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

886817800 | 2024-04-22T18:37:52.519049

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Mon, 22 Apr 2024 18:37:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8787ba42fafe2adf-LAX

141477257 | 2024-04-18T23:24:49.888491

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Thu, 18 Apr 2024 23:24:49 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

136835509 | 2024-04-27T03:13:55.246318

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 27 Apr 2024 03:13:54 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 87aba3adebf60fe5-LAX

error code: 1003

104.21.50.198

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-863571086 | 2024-04-27T05:14:29.453147
80 / tcp

CloudFlare

1623934309 | 2024-04-27T00:15:31.800424
443 / tcp

141477257 | 2024-04-20T02:02:27.844560
2083 / tcp

-1929862714 | 2024-04-03T06:54:58.217291
2086 / tcp

835487299 | 2024-04-16T05:05:44.600498
2087 / tcp

886817800 | 2024-04-22T18:37:52.519049
8080 / tcp

CloudFlare

141477257 | 2024-04-18T23:24:49.888491
8443 / tcp

CloudFlare

136835509 | 2024-04-27T03:13:55.246318
8880 / tcp

Products

Pricing

Contact Us

104.21.50.198

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-863571086 | 2024-04-27T05:14:29.453147 80 / tcp

CloudFlare

1623934309 | 2024-04-27T00:15:31.800424 443 / tcp

141477257 | 2024-04-20T02:02:27.844560 2083 / tcp

-1929862714 | 2024-04-03T06:54:58.217291 2086 / tcp

835487299 | 2024-04-16T05:05:44.600498 2087 / tcp

886817800 | 2024-04-22T18:37:52.519049 8080 / tcp

CloudFlare

141477257 | 2024-04-18T23:24:49.888491 8443 / tcp

CloudFlare

136835509 | 2024-04-27T03:13:55.246318 8880 / tcp

Products

Pricing

Contact Us

-863571086 | 2024-04-27T05:14:29.453147
80 / tcp

1623934309 | 2024-04-27T00:15:31.800424
443 / tcp

141477257 | 2024-04-20T02:02:27.844560
2083 / tcp

-1929862714 | 2024-04-03T06:54:58.217291
2086 / tcp

835487299 | 2024-04-16T05:05:44.600498
2087 / tcp

886817800 | 2024-04-22T18:37:52.519049
8080 / tcp

141477257 | 2024-04-18T23:24:49.888491
8443 / tcp

136835509 | 2024-04-27T03:13:55.246318
8880 / tcp