GeneralInformation

Hostnames	ip138.ip-51-89-187.eu
Domains	ip-51-89-187.eu
Country	United Kingdom
City	London
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

WebTechnologies

JavaScript libraries

jQuery1.2.6

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

22 80 111 137 443 445

-627103927 | 2024-04-24T15:00:25.463607

22 / tcp

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCvR5dK1uLHbNaUHA2hdXbiqDqCnz7i1Lvxmkqlnvkw5i9E
NnJXjDQBtcPbyW4UXgoPhESzRS5YbVe0A6FkgaxOJ4GyC8IB6HZBJ9g1vXj73KhKYARWeiYGDYt4
Lbc9OHbOKO/fSgnWLPI94bFUnrC//lbZE5OJJK+L7oVqziC7ba0LayPYPmrUkhyoiPj2P1oJzSfo
6QIhqF57IPonU3sE2uIa4WWIfrycrasc+nIJwgCqYbOOHAorK5RHva04cAVdQUfc7KqvJdutQzqD
05zsWpqLBAHgES8G2sD/MfTjbFrgqixoMejLXJbEfSWIj37QIpseCDZiRllPRRVmOvjt
Fingerprint: 38:e9:da:2d:c1:9f:c5:fe:3f:69:15:3b:9c:74:c6:27

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1599140520 | 2024-04-27T17:44:02.949836

80 / tcp

HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 17:44:02 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

-1345205424 | 2024-04-25T07:13:44.973668

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-1345205424 | 2024-04-19T04:30:00.556976

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-715670718 | 2024-04-28T02:20:06.854877

137 / udp

NetBIOS Response:
  Server Name: FILESERVER
  MAC Address: 00:00:00:00:00:00
  Names:
    FILESERVER <0x0>
    FILESERVER <0x3>
    FILESERVER <0x20>
    \x01\x02__MSBROWSE__\x02 <0x1>
    WORKGROUP <0x0>
    WORKGROUP <0x1d>
    WORKGROUP <0x1e>
  Additional Interfaces:
    192.168.0.3
    32.32.0.3

864306896 | 2024-04-25T23:40:54.309975

443 / tcp

HTTP/1.1 401 Unauthorized
Date: Thu, 25 Apr 2024 23:40:54 GMT
Server: Apache
WWW-Authenticate: Basic realm="WebDAV space"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ba:09:7d:3c:c2:4c:7c:e5:48:08:8f:d3:08:f7:19:bf:c6:b1:f8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFRelay01
        Validity
            Not Before: Dec 13 10:32:00 2021 GMT
            Not After : Dec 13 10:32:00 2031 GMT
        Subject: CN=DFRelay01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e9:ef:d5:16:0e:32:52:da:01:ed:31:0b:15:8c:
                    42:33:ea:fe:b7:77:78:01:e8:ae:b4:54:20:36:e9:
                    37:4c:4e:4a:2e:46:95:c3:1e:3c:97:44:a9:dd:f1:
                    ae:a6:c5:3d:3b:ea:c8:62:2c:68:7b:09:2b:23:e5:
                    d9:bb:96:c6:91:df:78:38:69:ab:2f:e4:69:f3:b0:
                    f9:20:73:4c:4d:6a:90:15:83:8c:98:fc:10:fd:b3:
                    eb:3a:7d:77:76:33:bb:ba:47:6a:00:bd:47:a2:0c:
                    09:0b:3e:a3:b9:78:c3:55:68:63:6b:80:0c:c5:90:
                    0e:b0:1b:af:50:0c:0b:2a:db:c7:6b:16:09:d3:fc:
                    07:85:7e:c7:ed:a1:d9:7c:d4:62:50:b9:5c:71:5a:
                    4a:c6:b3:af:92:3c:9f:bf:11:d2:70:e7:fb:d4:db:
                    be:db:b4:fc:42:44:fe:f6:57:cf:be:bf:50:bc:23:
                    04:f7:06:a0:55:b3:b2:be:59:80:e8:30:23:13:49:
                    45:d7:93:2e:05:a0:69:65:4b:11:9f:4d:fc:b5:29:
                    d4:aa:d1:30:92:ee:19:6a:a0:4b:2c:54:14:87:ec:
                    ed:d9:e5:49:1b:82:a4:79:b3:0b:ce:12:54:ae:92:
                    f3:1c:66:b0:d5:c0:70:d8:fe:aa:46:f5:17:98:95:
                    f2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name: 
                DNS:DFRelay01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        18:53:bd:6a:ad:12:ea:5f:0c:99:4f:e4:12:9c:f5:49:3a:97:
        fe:51:51:2b:55:63:6f:12:3c:b5:26:a4:0d:70:94:8f:66:de:
        de:0a:89:91:e6:9c:a6:22:03:bb:1f:1b:ec:b6:64:27:2a:f0:
        28:b8:44:94:d1:f7:c7:82:11:e5:63:e7:e5:46:b9:88:b7:b5:
        e0:95:74:b7:83:09:c4:c8:2b:1f:3b:0f:74:f0:35:37:59:62:
        01:eb:2e:ba:49:45:8a:33:d7:53:21:c5:42:5f:ad:46:77:36:
        b0:19:8b:b3:33:38:59:97:8f:b0:2d:25:34:30:76:f1:56:e3:
        f9:42:db:f0:0b:f4:86:1d:c8:13:35:e6:fe:8a:36:30:1f:72:
        51:20:46:82:2f:df:6f:cd:fe:bf:37:3e:ba:0b:d6:c1:21:ab:
        d8:55:5f:e2:04:21:59:3e:b0:b4:e5:48:72:45:b6:1c:48:2c:
        56:b7:9d:2c:7e:d1:cb:ef:42:01:0c:c9:9b:0e:01:4b:70:3e:
        b7:0a:9a:29:25:aa:6c:cb:76:4e:dc:6d:7b:a7:c9:78:f6:9a:
        6a:e9:dd:89:26:01:b1:67:4b:b9:72:e4:db:23:6b:6c:ef:41:
        33:18:90:c9:e7:cc:01:94:58:3e:14:1c:14:c9:86:aa:1b:81:
        58:34:d1:94

-2035895528 | 2024-04-15T15:02:22.399264

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows 6.1
  Software: Samba 4.9.5-Debian
  Capabilities: dfs, extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, nt-find, nt-smb, nt-status, raw-mode, rpc-remote-api, unicode, unix

51.89.187.138

Last Seen: 2024-04-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-627103927 | 2024-04-24T15:00:25.463607
22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

-1599140520 | 2024-04-27T17:44:02.949836
80 / tcp

Apache httpd

-1345205424 | 2024-04-25T07:13:44.973668
111 / tcp

-1345205424 | 2024-04-19T04:30:00.556976
111 / udp

-715670718 | 2024-04-28T02:20:06.854877
137 / udp

864306896 | 2024-04-25T23:40:54.309975
443 / tcp

Apache httpd

-2035895528 | 2024-04-15T15:02:22.399264
445 / tcp

Samba4.9.5-Debian

Products

Pricing

Contact Us

51.89.187.138

Last Seen: 2024-04-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-627103927 | 2024-04-24T15:00:25.463607 22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

-1599140520 | 2024-04-27T17:44:02.949836 80 / tcp

Apache httpd

-1345205424 | 2024-04-25T07:13:44.973668 111 / tcp

-1345205424 | 2024-04-19T04:30:00.556976 111 / udp

-715670718 | 2024-04-28T02:20:06.854877 137 / udp

864306896 | 2024-04-25T23:40:54.309975 443 / tcp

Apache httpd

-2035895528 | 2024-04-15T15:02:22.399264 445 / tcp

Samba4.9.5-Debian

Products

Pricing

Contact Us

-627103927 | 2024-04-24T15:00:25.463607
22 / tcp

-1599140520 | 2024-04-27T17:44:02.949836
80 / tcp

-1345205424 | 2024-04-25T07:13:44.973668
111 / tcp

-1345205424 | 2024-04-19T04:30:00.556976
111 / udp

-715670718 | 2024-04-28T02:20:06.854877
137 / udp

864306896 | 2024-04-25T23:40:54.309975
443 / tcp

-2035895528 | 2024-04-15T15:02:22.399264
445 / tcp