GeneralInformation

Hostnames	bizrate.com
Domains	bizrate.com
Country	United States
City	Seattle
Organization	Connexity, Inc.
ISP	Connexity, Inc.
ASN	AS14332

WebTechnologies

JavaScript libraries

jQuery

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

-2109519026 | 2024-04-19T00:06:56.380971

80 / tcp

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: trafficSourceDebugParam=""; Domain=.218.95; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
P3P: CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: sessionid=820332618331530415; Domain=.218.95; Path=/; Secure; Max-Age=86400; SameSite=None
Set-Cookie: br=17134852155890313644502030302030480; Domain=.218.95; Path=/; Secure; Max-Age=315360000; SameSite=None
Set-Cookie: _data=_time%3A%3Astart_time%3D1713485215%3Btimestamp%3D1713485215%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dfor%3Brf2%3D%3Bvsc%3Ddan%3Bbroad%3Brf_keyword%7Cdnt%3A%3Aon%3D0%3Bsrc%3D0; Domain=.218.95; Path=/; Secure; Max-Age=86400; SameSite=None
Set-Cookie: rng=3271522; Domain=.218.95; Expires=Sat, 20-Apr-2024 00:06:55 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Fri, 19 Apr 2024 00:06:56 GMT

308596119 | 2024-04-24T23:24:04.279696

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 23:24:02 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: trafficSourceDebugParam=""; Domain=.218.95; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
P3P: CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: sessionid=620331266942046242; Domain=.218.95; Path=/; Secure; Max-Age=86400; SameSite=None
Set-Cookie: br=17140010422523620395802030301026231; Domain=.218.95; Path=/; Secure; Max-Age=315360000; SameSite=None
Set-Cookie: _data=_time%3A%3Astart_time%3D1714001042%3Btimestamp%3D1714001042%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dcldwlk%3Brf2%3D%3Bvsc%3Ddan%3Bbroad%3Brf_keyword%7Cdnt%3A%3Aon%3D0%3Bsrc%3D0; Domain=.218.95; Path=/; Secure; Max-Age=86400; SameSite=None
Set-Cookie: rng=3397931; Domain=.218.95; Expires=Thu, 25-Apr-2024 23:24:02 GMT; Path=/
Content-Language: en-US

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c9:82:00:c6:fd:03:8b:9d:cb:59:19:8e:a8:67:0c:a0
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Aug 22 00:00:00 2023 GMT
            Not After : Sep 21 23:59:59 2024 GMT
        Subject: CN=*.bizrate.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ad:c1:a0:50:0c:47:67:91:6d:da:34:dd:28:48:
                    1e:59:d9:d3:97:e5:95:e9:ee:0b:57:1e:46:aa:dd:
                    d8:28:7d:d8:fb:de:48:85:04:bf:70:e6:aa:92:c2:
                    ed:6f:45:af:f8:fa:a9:ad:3c:14:db:f6:8f:b2:06:
                    3b:9c:4c:f9:e3:2b:8b:5f:ff:08:27:7b:f1:40:b8:
                    54:98:da:d0:db:eb:35:56:48:37:51:a9:05:dc:b4:
                    89:4c:db:f2:ee:d1:bd:3c:c7:c0:f1:51:28:80:2d:
                    d3:aa:2b:a2:eb:21:01:00:1e:d6:c9:08:a0:5c:c1:
                    71:70:d3:ae:0a:5b:fd:1d:bb:e1:db:63:be:e9:b3:
                    0e:d9:76:a7:3e:2d:46:b5:07:af:59:ee:9b:9e:bd:
                    3b:ab:b0:5d:3c:8c:20:d9:b0:ed:d9:0f:4c:1b:3a:
                    d2:21:92:51:ff:07:08:5a:ed:2f:a7:1d:16:42:b6:
                    16:24:98:13:2c:96:f1:fb:e3:9d:d7:07:99:a9:22:
                    a7:ef:5f:64:65:43:7c:a8:00:7a:a3:d2:8f:a0:54:
                    b3:f4:43:c6:01:28:28:91:ae:ea:bd:08:ba:7e:5c:
                    c1:db:48:86:84:5e:8d:30:72:9b:59:be:0e:06:b4:
                    31:73:b1:09:27:4d:9e:25:cd:13:b8:a1:c1:65:de:
                    e4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                88:50:22:BA:30:20:E4:0E:E5:41:6A:B5:F4:0C:84:A8:66:4D:B1:40
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.bizrate.com, DNS:bizrate.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Aug 22 17:47:58.045 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E3:CF:0C:51:AF:26:5C:96:7C:16:5A:
                                58:D5:9C:2C:E3:73:67:67:C0:1F:9D:0A:77:F2:61:5E:
                                4E:51:7A:A3:9A:02:21:00:B0:35:CF:44:9D:04:C4:62:
                                43:04:70:4D:0E:5A:14:8C:51:45:62:AF:F2:AD:2C:B0:
                                56:A3:6F:80:41:A1:CC:B9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Aug 22 17:47:58.120 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2D:62:43:A1:E3:6F:C6:DF:3D:46:69:0F:
                                E2:D7:F0:0E:71:98:81:4B:EC:BB:6C:DE:28:1C:DA:39:
                                63:61:AB:36:02:21:00:AD:31:28:FB:DE:21:72:52:FB:
                                33:8F:CD:9E:53:A8:D2:4D:54:C0:10:EA:6B:D6:5E:C7:
                                50:84:88:D3:C7:5F:12
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Aug 22 17:47:58.170 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:20:FF:37:BB:4E:1E:34:9B:17:87:C4:F6:
                                B3:29:E4:B2:79:DE:4F:22:F9:AE:4F:C8:79:99:B5:66:
                                14:4D:2F:44:02:21:00:81:2F:34:34:B8:36:E6:39:72:
                                F0:D3:00:1D:F8:C4:AE:9F:4C:24:15:5C:09:93:8B:74:
                                02:00:D5:33:1C:3A:10
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:cb:50:5f:28:9c:36:0a:1f:93:74:88:52:d4:dd:b1:04:47:
        14:68:1e:00:63:bb:aa:0a:42:02:ca:2a:9a:6e:75:d3:16:c8:
        06:9a:9b:81:c2:4f:19:f6:4e:1e:6b:8b:bf:1b:fa:33:b2:2a:
        b6:ac:9c:f8:32:cf:92:ae:be:81:40:8a:eb:f7:e2:d0:6e:49:
        7b:e5:7d:e6:7c:48:75:7b:bd:ec:28:7f:78:3e:50:4a:72:78:
        e1:f6:f9:93:51:b5:b3:1e:d7:51:a6:4f:5c:4f:3b:5c:0e:e9:
        35:54:f8:97:e4:d8:bb:22:cd:36:38:c5:cf:8d:8f:30:d3:2e:
        44:68:17:44:49:ff:27:83:23:46:0c:45:84:5d:10:0a:db:fb:
        a4:54:dc:1f:8f:1b:24:e2:d4:6e:f6:d2:eb:c3:b3:15:2b:cf:
        fa:c4:10:54:e6:c1:bf:de:54:d0:ce:b8:44:0b:7a:56:f4:89:
        b8:ef:56:cd:51:1b:a4:77:ef:e7:c6:e0:00:be:be:cd:45:a2:
        47:11:6e:c4:ac:f9:07:f8:25:98:3f:43:ba:9e:93:f9:d4:79:
        06:8a:e1:24:e5:cc:89:67:72:7a:22:79:ef:be:3e:d3:8c:78:
        2b:40:9b:fd:3c:2b:78:4e:13:d8:af:3d:92:9e:80:90:39:60:
        05:e7:80:83

192.138.218.95

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2109519026 | 2024-04-19T00:06:56.380971
80 / tcp

Apache Tomcat/Coyote JSP engine1.1

308596119 | 2024-04-24T23:24:04.279696
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

192.138.218.95

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2109519026 | 2024-04-19T00:06:56.380971 80 / tcp

Apache Tomcat/Coyote JSP engine1.1

308596119 | 2024-04-24T23:24:04.279696 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

-2109519026 | 2024-04-19T00:06:56.380971
80 / tcp

308596119 | 2024-04-24T23:24:04.279696
443 / tcp