GeneralInformation

Hostnames	static-182-18-153-181.ctrls.in admin.mediagram.news
Domains	ctrls.in mediagram.news
Country	India
City	Hyderābād
Organization	IP pool for CtrlS
ISP	CtrlS
ASN	AS18229

WebTechnologies

JavaScript libraries

jQuery1.11.3

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

443

963000369 | 2024-04-21T21:42:10.822705

443 / tcp

HTTP/1.1 200 
Server: nginx/1.20.1
Date: Sun, 21 Apr 2024 21:42:10 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=F4FA82F3D24E5EC7B085009E181656EA; Path=/; HttpOnly

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:16:de:5c:66:e3:77:5d:a1:8e:51:59:cb:98:b4:80:a3:b1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 28 11:47:47 2024 GMT
            Not After : Jun 26 11:47:46 2024 GMT
        Subject: CN=admin.mediagram.news
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:da:d6:f6:cc:ef:dd:c0:1e:b7:2a:e2:7a:7e:1b:
                    02:73:e2:66:e3:15:1d:ad:5c:26:62:b5:32:67:2a:
                    4e:b1:4a:4f:42:77:ea:dc:1a:12:22:03:c3:de:f4:
                    81:da:1e:96:0d:14:bb:ff:97:4e:de:24:d5:dc:df:
                    c8:83:a7:96:6f:57:ae:50:aa:16:da:34:fe:6d:8f:
                    46:46:26:49:90:6d:d9:38:3c:84:e4:56:55:ee:f9:
                    8d:70:88:71:7c:02:43:25:a0:96:da:63:31:2d:49:
                    04:8c:bf:b0:49:f2:17:b4:7e:f9:9e:76:41:67:74:
                    fa:d5:67:cb:3f:c1:9c:d7:c9:57:63:62:84:0c:60:
                    80:1c:31:3b:99:f7:4b:04:f3:74:f9:66:59:16:e3:
                    05:4c:99:b7:0b:66:a1:c2:f5:c5:7e:6a:b0:89:01:
                    7e:df:1d:e2:5e:ab:a5:ba:5b:ad:a6:d4:19:d3:2d:
                    98:10:e1:91:31:ab:bd:68:e9:1a:34:a0:6d:57:2e:
                    a4:7e:ab:1a:36:89:f0:43:ba:5d:d1:2b:fe:00:d5:
                    42:bf:21:61:20:a3:13:3d:78:e5:ca:fb:dd:09:5f:
                    2b:a3:fe:f4:39:22:8c:88:e2:e6:4f:27:82:45:dc:
                    a4:96:29:98:22:74:19:98:e6:95:0d:44:92:50:e6:
                    9a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                4C:A6:F9:E9:D7:47:C9:1C:6B:8C:14:F6:36:E5:D5:6D:9D:9C:4A:BA
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:admin.mediagram.news
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 28 12:47:47.901 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:12:51:AF:D6:FF:0D:FB:2D:2F:9E:5B:ED:
                                96:79:5C:EE:BE:2D:A6:56:77:C6:DB:6C:EE:66:D1:6F:
                                67:AC:88:41:02:20:3A:FB:35:FC:9A:86:8B:09:28:5A:
                                38:5E:C9:AF:A6:21:5F:80:9F:D6:52:CC:D5:59:5A:70:
                                76:46:E3:95:05:37
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 28 12:47:47.865 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:47:C6:13:CA:4E:58:CA:1F:B5:95:58:C9:
                                92:F2:46:CA:DF:38:32:5B:69:84:5D:4E:BF:02:DA:7A:
                                9B:EB:0B:ED:02:21:00:E6:41:AE:FD:49:3C:11:48:5C:
                                0A:63:3C:B3:25:AE:07:E2:88:A4:42:6B:B7:B8:76:5A:
                                44:82:AD:AF:7D:54:7F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        48:94:9f:ee:c2:a6:36:d6:27:d3:41:08:b5:00:2b:10:52:47:
        3f:e1:cc:96:0b:ea:08:85:26:2e:81:70:49:44:6e:89:25:26:
        55:e8:87:9c:e9:46:db:7c:1f:f9:3d:42:aa:50:62:f4:29:c7:
        ec:b7:14:3b:6c:8d:04:8d:02:e4:ba:67:28:0c:67:28:9e:f1:
        6a:3c:17:63:86:5f:fb:95:8c:45:00:f6:9b:dc:84:eb:93:7c:
        c2:92:a8:26:85:67:56:ed:4c:f1:fe:e8:17:3d:ad:1c:86:73:
        39:60:f0:24:c5:8f:2c:34:c3:60:f4:40:31:30:05:59:36:b2:
        de:92:3c:a0:b4:06:25:a8:e4:d9:b9:2f:71:8f:b4:d2:b2:6d:
        8f:92:17:70:73:22:ab:47:e5:4f:af:bc:d1:0c:d7:dd:d7:69:
        7e:b0:9e:c7:1c:13:e4:60:8e:dc:80:96:b9:60:51:e3:20:b3:
        7e:85:75:4d:1a:b1:29:84:04:ec:10:bb:ff:26:54:ce:41:71:
        b1:f8:e2:e6:df:0f:7e:d4:0a:5f:61:8c:d1:c5:1e:e8:27:1d:
        31:07:66:f8:b3:35:66:83:a3:2a:8a:df:bc:dc:6a:30:75:b8:
        2f:ac:9d:78:a0:40:8f:9d:9d:f3:74:dd:92:a1:d8:04:74:1e:
        8d:72:c5:c7

182.18.153.181

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

963000369 | 2024-04-21T21:42:10.822705
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

182.18.153.181

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

963000369 | 2024-04-21T21:42:10.822705 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

963000369 | 2024-04-21T21:42:10.822705
443 / tcp