GeneralInformation

Hostnames	hosting.reg.ru backup169.hosting.reg.ru
Domains	reg.ru
Country	Russian Federation
City	Moscow
Organization	Reg.Ru Hosting
ISP	"Domain names registrar REG.RU", Ltd
ASN	AS197695

WebTechnologies

JavaScript libraries

jQuery1.4.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

111 443

99167132 | 2024-03-18T18:09:46.746547

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	41954
status	1	tcp	35765

-2000486623 | 2024-04-16T17:26:34.703737

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 17:26:34 GMT
Content-Type: text/html
Content-Length: 20095
Last-Modified: Fri, 14 Jul 2017 12:37:25 GMT
Connection: keep-alive
ETag: "5968bb05-4e7f"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:93:a7:67:9d:1c:83:d5:7c:1f:e8:61
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
        Validity
            Not Before: Jan 23 14:29:50 2024 GMT
            Not After : Feb 23 14:29:49 2025 GMT
        Subject: CN=*.hosting.reg.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:b6:e8:7f:7d:67:08:b3:6f:36:0b:2f:8d:93:c4:
                    de:60:17:04:f7:6b:3c:01:d4:31:46:dd:a8:8e:9b:
                    57:49:ed:b6:dc:4d:ba:8c:46:70:a6:bc:84:ff:f1:
                    42:84:be:c7:73:e6:96:21:d6:77:09:d1:1b:7f:94:
                    50:aa:eb:56:3e:88:b3:9a:9f:9e:22:90:6b:7d:4c:
                    a5:27:6b:56:3d:9f:8a:6f:c8:92:02:b6:b5:c7:f9:
                    41:95:c4:2c:1a:d0:8e:9d:c0:37:05:ee:e6:23:d2:
                    f3:ce:a6:c5:62:af:3e:54:2e:d5:cd:0f:42:3b:ba:
                    56:15:6b:7b:d1:76:13:66:36:97:1f:e9:07:0c:9a:
                    dd:b7:06:e9:2b:d1:c0:ea:8d:5f:d0:74:83:d8:3d:
                    e0:e1:4c:f5:b2:cf:6c:5e:89:32:03:49:b5:7f:7f:
                    98:98:5c:1b:a4:16:7b:b8:54:b4:23:5f:65:c4:30:
                    18:f6:a9:a4:ef:fb:9f:d7:48:0d:3e:fa:aa:3b:c5:
                    90:b4:e8:6e:16:13:fe:b4:08:36:2f:31:4f:01:f2:
                    50:af:59:a7:37:a2:59:4b:8a:8f:9b:58:41:87:7a:
                    25:46:58:f4:12:a9:33:3b:ff:06:b6:bd:b9:32:2c:
                    69:bd:8d:36:f9:97:bf:63:1a:d2:c1:d8:2d:89:94:
                    10:51:69:d2:19:92:55:71:6b:72:ba:c0:8f:5c:68:
                    01:4a:a6:da:8e:da:75:c1:36:94:e1:5d:a6:11:af:
                    12:14:77:3a:73:27:17:2b:d2:c2:1b:27:95:83:67:
                    93:a7:b3:0c:db:89:78:10:c9:17:c9:1b:52:8b:6a:
                    58:0e:60:33:ed:8e:b3:45:38:06:6d:ad:f1:ab:e9:
                    a9:82:db:e8:2c:ba:a5:24:a9:a0:18:e5:ca:3b:4d:
                    be:a0:d4:00:3a:5d:47:f7:fb:ec:61:dc:bb:f9:e0:
                    db:e7:ac:92:22:75:d5:3e:a9:9c:46:5e:b6:16:06:
                    e4:7f:84:9c:46:65:b5:d5:d3:2b:bc:de:c4:70:d7:
                    4e:ce:66:a9:c4:dd:86:06:a5:16:54:4b:2b:e4:63:
                    9d:bf:54:38:e5:58:22:9c:6b:5a:71:c6:37:74:f3:
                    0a:32:7a:cf:97:d7:5c:e6:f4:4e:71:eb:6d:2f:1a:
                    bf:a3:36:37:e4:da:3f:e1:3d:3a:c7:de:13:80:17:
                    23:e4:3d:eb:c9:c6:85:61:34:96:44:bc:09:42:4d:
                    85:8f:de:92:e8:19:ca:c9:17:09:49:96:1e:1c:8c:
                    fd:6f:56:69:db:a4:fa:19:f3:79:49:af:76:cf:2b:
                    61:fa:69:51:54:6e:81:83:66:c1:55:5f:11:2d:bd:
                    0b:17:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt
                OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.4146.10.1.3
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/alphasslcasha256g4.crl
            X509v3 Subject Alternative Name: 
                DNS:*.hosting.reg.ru, DNS:hosting.reg.ru
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15
            X509v3 Subject Key Identifier: 
                35:ED:77:BF:33:62:7F:FE:F2:49:1C:69:47:E4:73:40:07:0A:20:BF
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 23 14:30:01.270 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0F:84:FD:73:A7:97:85:B4:59:4F:DF:47:
                                17:C2:83:4B:04:73:A1:24:F5:99:FE:C0:A8:19:6D:F7:
                                2A:30:AF:8A:02:20:45:C4:01:BF:C6:71:00:A0:7F:38:
                                0A:F2:C2:59:FA:27:F5:97:AC:83:49:58:3F:96:E9:5E:
                                85:23:DA:EA:86:CB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Jan 23 14:30:01.279 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E9:DA:E5:8B:24:97:C3:1D:EB:48:BE:
                                21:69:24:8F:32:C7:E6:4E:39:43:0B:8B:B7:A2:6B:F0:
                                B6:A2:6B:0F:C3:02:21:00:A6:A0:61:25:07:98:90:EB:
                                AB:7E:00:6F:98:4F:EF:24:F8:C0:6D:92:84:64:56:22:
                                D6:31:B4:28:E0:D0:06:DF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Jan 23 14:30:01.309 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:58:45:7C:6D:D6:2E:8F:A2:EF:45:AA:F8:
                                70:B7:26:93:E1:CA:53:4E:BE:17:51:61:DA:00:AC:ED:
                                39:D1:B8:FF:02:21:00:85:FC:D2:75:B6:0E:33:D5:A1:
                                DB:C7:26:E6:13:F1:9A:B2:5E:66:4B:B0:AA:2D:81:73:
                                C2:4B:F2:F7:5F:1F:BE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        30:a6:6b:81:96:6e:55:7f:bf:35:c1:78:3a:31:81:1b:69:91:
        a3:33:6f:4c:74:7e:06:f0:6e:e6:d9:c6:20:52:64:ba:d2:dc:
        ed:2f:c7:bc:17:22:d9:36:ef:a6:5e:30:3a:2b:be:6a:d3:dc:
        de:72:82:c9:a4:51:9e:76:89:e3:0b:0d:ac:e3:27:d4:ff:6d:
        56:69:11:fb:18:85:02:85:1c:8d:48:2d:4f:b2:67:59:81:e8:
        d3:3d:9d:0b:7d:bc:87:f4:36:82:00:47:ff:fc:fb:2d:ba:b2:
        af:bc:22:00:33:83:cd:3f:4b:e6:c0:8e:f7:e4:17:8c:1d:d0:
        73:b9:f2:93:82:cc:7c:f2:ec:be:7a:5a:c1:5a:93:e2:4e:34:
        31:8c:51:c3:a9:f0:53:71:04:f9:ea:49:30:3f:ef:6e:4b:56:
        01:43:4f:ea:91:26:63:7b:c8:0b:74:b9:34:6c:1e:99:ce:d6:
        af:ac:cc:5d:48:61:6c:d6:b2:20:b2:c3:eb:80:a2:b7:44:94:
        6e:f6:4c:f8:93:c8:d1:39:82:4f:c9:29:1e:e2:75:8a:e1:37:
        ab:5f:53:5c:96:8c:98:c6:97:7c:79:1c:08:14:a4:02:ef:bf:
        32:34:e0:4c:c5:e2:56:e2:6b:5e:dc:3e:06:46:c1:3a:fb:10:
        7e:e1:02:81

37.140.192.181

Last Seen: 2024-04-16

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

99167132 | 2024-03-18T18:09:46.746547
111 / tcp

-2000486623 | 2024-04-16T17:26:34.703737
443 / tcp

nginx

Products

Pricing

Contact Us

37.140.192.181

Last Seen: 2024-04-16

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

99167132 | 2024-03-18T18:09:46.746547 111 / tcp

-2000486623 | 2024-04-16T17:26:34.703737 443 / tcp

nginx

Products

Pricing

Contact Us

99167132 | 2024-03-18T18:09:46.746547
111 / tcp

-2000486623 | 2024-04-16T17:26:34.703737
443 / tcp