GeneralInformation

Hostnames	solutions.chg.e2open.com demand.purestorage.com
Domains	e2open.com purestorage.com
Country	United States
City	Chicago
Organization	E2OPEN
ISP	AT&T Services, Inc.
ASN	AS7018

WebTechnologies

JavaScript libraries

jQuery1.0.2

jQuery Modal1.0.2

Web frameworks

Microsoft ASP.NET

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

443

954453468 | 2024-04-19T16:30:20.253118

443 / tcp

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 16:30:19 GMT
Server: E2open
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 4.0.30319
Content-Length: 107748
Set-Cookie: ASP.NET_SessionId=lvz2lmkqkvhx1otvthm2exji; path=/; secure; HttpOnly; SameSite=Lax; HttpOnly; Secure
Set-Cookie: ASP.NET_SessionId=lvz2lmkqkvhx1otvthm2exji; path=/; secure; HttpOnly; SameSite=Lax; HttpOnly; Secure
Set-Cookie: __AntiXsrfToken=0b3a0c2cea334c46a356832be81a6374; path=/; secure; HttpOnly

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:98:85:79:d4:53:92:fd:3a:fe:f6:1a:11:8d:5b:57
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Dec 12 00:00:00 2023 GMT
            Not After : Dec 11 23:59:59 2024 GMT
        Subject: C=US, ST=California, L=Santa Clara, O=Pure Storage, Inc., CN=demand.purestorage.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b7:98:cb:e2:88:cf:8a:65:94:d8:c4:f5:2a:48:
                    d4:66:91:a0:19:ec:9b:98:1b:d4:5d:5a:06:d5:5b:
                    91:00:28:3e:13:05:4c:de:99:75:0f:c0:f2:b4:ed:
                    c9:80:69:4f:07:22:2f:be:b6:c0:a8:5f:64:45:11:
                    3b:7e:20:6a:5b:c2:b5:08:8d:f7:c7:cc:0d:ac:6e:
                    62:ac:6e:e3:c6:3b:d6:f8:44:cf:ea:8f:e7:ab:f4:
                    bc:97:ec:7c:ae:f5:03:89:f6:04:33:24:81:33:30:
                    1b:53:6a:3a:fa:78:bf:81:4f:5a:a5:a8:8c:9e:dd:
                    b0:7e:4a:0a:f9:74:07:b0:5a:6e:63:40:63:e6:9b:
                    6e:c3:d0:3e:42:92:b1:b4:bb:8d:4b:19:f0:32:38:
                    ef:c7:ff:31:c0:2b:e5:ee:2a:c2:98:ca:b2:4e:78:
                    75:f2:43:ce:69:d9:0a:4c:99:e4:c0:b2:e8:fc:24:
                    c8:39:57:f2:a6:31:32:a3:18:55:6d:10:c0:4f:b8:
                    9d:19:3b:d4:6d:ba:cc:54:95:d2:3b:bf:1f:aa:eb:
                    12:7d:50:23:90:9f:9d:37:d4:21:1d:63:6d:cc:c2:
                    ba:9a:2e:67:66:99:b1:e6:c3:94:80:c7:bc:28:cc:
                    fd:9e:ff:63:a0:d1:e7:a9:87:a0:63:2a:f9:ab:5b:
                    19:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17
            X509v3 Subject Key Identifier: 
                9C:EC:99:AD:18:56:48:41:BC:5B:32:30:64:C2:D7:80:93:87:EE:61
            X509v3 Subject Alternative Name: 
                DNS:demand.purestorage.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
                Full Name:
                  URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Dec 12 23:51:40.783 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C7:82:3B:1C:C2:D5:92:23:88:04:1A:
                                42:15:CF:44:B4:7B:98:01:71:65:9E:5A:B7:92:F3:2E:
                                8F:CB:5F:B0:05:02:21:00:A7:EB:CC:B8:1C:24:4F:E5:
                                79:4D:72:7B:C6:BB:E6:46:0B:24:4A:54:5B:E0:68:C5:
                                7F:EF:C4:32:90:B0:8F:A8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Dec 12 23:51:40.731 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A6:A8:70:09:CF:44:EC:C5:AE:1E:E9:
                                41:5A:96:68:AC:BA:18:CC:1E:7B:A5:EF:CC:A7:C4:5B:
                                C8:36:30:09:F2:02:21:00:C5:29:0C:3E:46:1B:0E:5F:
                                50:22:30:E3:6C:27:64:E1:19:1C:F8:31:EF:DE:C1:97:
                                49:99:F2:B0:A3:BE:11:1B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Dec 12 23:51:40.783 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2B:31:6F:3B:12:B8:10:C6:B4:0F:77:8A:
                                6D:C3:1C:66:0A:9D:0A:0F:F4:2E:5D:8A:28:5F:8B:E5:
                                EC:5B:4D:10:02:21:00:A9:71:FE:93:F9:D6:C1:99:FF:
                                C5:EC:63:62:61:FE:31:6A:49:0A:B9:8F:A4:70:E8:25:
                                90:E4:36:DD:1B:ED:C2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1b:e7:2e:ad:00:d3:8a:de:6e:cb:e0:23:91:15:f7:22:fb:2e:
        c6:f6:28:3d:2c:f1:80:f3:ee:05:82:4e:19:d5:dc:9a:03:14:
        40:cf:14:81:1c:84:bb:0e:0b:a3:11:60:7a:90:4e:bd:0c:0d:
        c4:40:74:fd:ad:95:ab:d3:45:78:6a:9d:73:15:52:8a:31:fa:
        ff:36:a9:62:26:b5:b2:7b:1a:15:fb:ca:ba:8f:36:fe:1f:5b:
        cd:6f:59:a3:86:a1:28:8d:ca:3d:df:10:dc:63:6c:91:fe:c4:
        b7:57:24:0f:83:16:ef:e0:7c:47:c6:de:bb:34:64:d6:c9:e0:
        1b:a8:f5:cf:ab:41:3e:95:ce:b5:53:0b:b1:ae:bf:99:72:2a:
        5d:45:cd:a5:ba:41:ba:c6:d5:32:4f:81:f9:b0:76:7f:10:2e:
        5b:cc:d3:91:ca:21:d5:f8:04:19:77:06:0c:31:6d:96:36:b9:
        1d:c6:63:c6:db:20:29:ab:79:12:86:2b:56:d1:8e:02:30:5a:
        d5:45:2a:00:a0:a2:70:b9:82:07:fa:ef:ab:e2:2b:e3:62:7a:
        b8:ac:95:47:f8:ca:04:7a:fe:bb:35:d4:b2:2b:78:b3:c4:1c:
        6b:f6:3b:62:80:6e:ce:30:3a:2f:2d:7d:6c:9e:29:b1:33:62:
        18:00:c7:e2

12.239.122.129

Last Seen: 2024-04-19

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

954453468 | 2024-04-19T16:30:20.253118
443 / tcp

Products

Pricing

Contact Us

12.239.122.129

Last Seen: 2024-04-19

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

954453468 | 2024-04-19T16:30:20.253118 443 / tcp

Products

Pricing

Contact Us

954453468 | 2024-04-19T16:30:20.253118
443 / tcp