GeneralInformation

Hostnames	autodiscover.devanlay.com webmail.devanlay.com outlook.lacoste.com autodiscover.mf-brands.com indianapolis.nexen.net
Domains	devanlay.com lacoste.com mf-brands.com nexen.net
Country	France
City	Saint-Cloud
Organization	Alter way Makers : Cloud service
ISP	Alter Way SAS
ASN	AS41628
Operating System	Debian

WebTechnologies

CDN

Google Hosted Libraries

JavaScript libraries

Maps

Miscellaneous

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2015-4000	4.3The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2015-0204	4.3The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
CVE-2014-0160	5.0The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

OpenPorts

80 443 2222

1722115835 | 2024-05-19T13:07:31.173376

80 / tcp

HTTP/1.1 200 OK
Date: Sun, 19 May 2024 13:02:48 GMT
Server: Apache
X-Powered-By: PHP/5.3.21-1~dotdeb.0
Set-Cookie: PHPSESSID=f542eb9b0c8d5b578d34fee46d571a9e; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

-1545469636 | 2024-05-20T07:24:02.714260

443 / tcp

HTTP/1.1 200 OK
Date: Mon, 20 May 2024 07:19:20 GMT
Server: Apache
X-Powered-By: PHP/5.3.21-1~dotdeb.0
Set-Cookie: PHPSESSID=66b6a1031ed02360fa699e61a1f2c661; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:0b:ff:19:04:31:74:1d:8d:51:96:26
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018
        Validity
            Not Before: Jul 17 12:51:03 2023 GMT
            Not After : Aug 17 12:51:02 2024 GMT
        Subject: C=FR, ST=Aube, L=Troyes, O=LACOSTE OPERATIONS SA, CN=outlook.lacoste.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c0:69:dd:2e:09:74:32:f0:de:22:29:9f:fa:7f:
                    e8:88:c7:fd:00:b0:a8:fe:f6:0d:0a:c7:db:f3:03:
                    4d:a8:40:cb:80:46:0a:3f:fd:eb:58:c4:c0:89:70:
                    fa:a1:99:37:b4:07:0f:4d:e1:11:19:7c:df:19:2f:
                    39:9a:36:12:7e:59:3a:b6:7e:0c:ee:5f:79:33:52:
                    56:90:33:f2:d5:5c:31:9b:9f:6f:76:82:c8:41:d7:
                    3d:6c:fd:fc:2e:27:cc:41:bb:cd:45:02:6c:bd:fd:
                    cc:4d:eb:0e:0e:6c:a9:8b:7e:1c:41:3a:d7:cd:ba:
                    82:85:26:57:0c:80:a0:a5:0e:88:d9:ef:4d:40:4d:
                    18:bb:e2:59:fb:10:2f:14:27:ba:6a:fe:2f:53:3a:
                    5f:a5:1c:77:45:30:44:d9:7b:5f:cd:78:98:ad:ea:
                    5a:fe:42:96:2a:a0:63:54:9a:c0:bc:12:37:a9:a8:
                    2d:fb:2a:f9:3f:70:4e:59:f9:83:ba:86:6a:74:4c:
                    9e:33:3b:50:16:7f:26:ab:f5:3b:c0:51:75:0d:73:
                    67:4d:2f:25:d1:c4:59:16:3d:cd:55:2f:25:e5:ce:
                    65:21:08:b4:c9:4b:ef:77:6b:14:b8:6d:52:81:a9:
                    dc:8a:79:47:61:2e:2c:8e:b5:c2:7d:e0:64:b1:a8:
                    75:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
                OCSP - URI:http://ocsp.globalsign.com/gsrsaovsslca2018
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsrsaovsslca2018.crl
            X509v3 Subject Alternative Name: 
                DNS:outlook.lacoste.com, DNS:webmail.devanlay.com, DNS:autodiscover.devanlay.com, DNS:autodiscover.mf-brands.com, DNS:*.lacoste.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                F8:EF:7F:F2:CD:78:67:A8:DE:6F:8F:24:8D:88:F1:87:03:02:B3:EB
            X509v3 Subject Key Identifier: 
                09:A5:CC:7D:C8:17:AE:A9:FA:D4:F4:B2:A5:5A:B0:65:57:76:3D:D8
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jul 17 12:51:10.587 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7A:1B:7F:84:00:E7:F4:73:78:35:87:CC:
                                A7:EB:83:10:11:B7:B0:F8:8C:C0:4E:73:DD:57:C8:C4:
                                C5:C8:6B:18:02:20:1F:36:9E:A5:C0:1D:BF:80:F1:90:
                                26:D6:00:91:76:BB:41:2F:77:BE:A7:08:56:0A:A4:67:
                                37:8B:B8:80:94:2E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jul 17 12:51:09.847 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1D:24:AC:2D:C5:DB:D9:52:88:DA:1F:63:
                                D5:D8:38:6E:82:F3:7A:44:C4:F4:E5:66:EC:1E:41:87:
                                DA:26:25:B3:02:21:00:AE:18:BD:57:C0:A5:FB:BF:39:
                                03:14:B7:71:D9:D9:99:B3:71:C2:FE:05:C3:BE:39:50:
                                03:F1:5F:AC:35:05:DD
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Jul 17 12:51:09.866 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:35:7E:19:00:E0:3E:EC:B4:DD:98:CA:E3:
                                79:FF:99:80:04:98:C2:03:BD:C5:C2:1C:60:96:D8:D8:
                                1E:D6:87:B4:02:20:7A:E7:60:D5:FA:36:26:DA:27:DB:
                                A8:80:56:C1:9D:1F:7C:EC:A6:0E:4F:F7:6A:82:F6:14:
                                C0:05:06:B5:8C:32
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        20:78:cb:80:9b:42:9a:8e:bc:59:70:e6:27:a3:e0:90:89:fa:
        46:2c:7e:91:87:06:4f:0a:37:5a:a4:44:a8:04:d6:b0:4e:13:
        3c:d5:ba:c8:70:17:b9:3f:9a:e3:2b:f1:09:20:e7:48:09:8c:
        79:35:cb:a6:26:0d:9a:ec:32:86:cd:88:1c:d1:55:0a:c8:6a:
        c4:d3:54:b6:26:83:69:82:fe:e5:d2:f1:13:3b:69:c4:f2:60:
        27:0b:7d:1d:b8:c3:20:55:be:54:ca:d6:c8:8a:88:cd:33:be:
        b4:e3:77:5c:28:e6:e6:d7:99:71:0f:8e:05:8d:b4:f3:5b:8a:
        c9:75:86:0c:0b:0e:ed:bc:de:94:8a:c0:f2:ac:fc:51:4b:73:
        43:7c:9c:74:2c:9b:a8:4d:5f:cf:57:96:e5:3a:6e:09:1a:ee:
        90:a6:e7:af:5e:e9:f6:89:01:82:c3:91:4c:9e:79:be:7b:21:
        bb:b1:82:5c:83:6c:82:0a:4d:73:04:84:97:af:ee:3b:9e:71:
        86:7a:b9:f8:90:8c:91:e1:81:48:83:04:46:54:d9:e4:e9:a3:
        d2:6b:9c:df:bd:4d:33:c2:a4:83:67:53:38:83:f9:d4:63:6f:
        c6:cc:7e:94:a6:2b:5e:1d:bb:86:c1:dc:65:34:29:54:b9:24:
        d9:35:61:23

-665749497 | 2024-05-20T21:09:10.847803

2222 / tcp

SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze5
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDpfahPc8HmEendJH+3q98VewLad1d80KVMo6TvfnHUEjq1
DkEhCPKkpyS+eMTPvKKguUlnO4td0jYic8ouw7gEgs+4gdQnc7AuBsyirOhg0mORrlN7lpR2LPnz
Dd44M+npW5Nk/L9LDqOZJG90DnO7KM91ehWTxQniI3tpxHgU2XSQc2sdvDTSb7eHfE/kFj/djaSm
qJGAFLMjohSsCi+CmaCZWioiqNvGHPbGaYndy+mC6cG9fpJkbWk8KhVrYmvflyRBUbBo32tW2usq
8V7NawdmSwTXvrmfKL/sjT5rnV4bODJ0n/wGXHCpcN86GeQprK9htOnCnyG/lqkiwnbJ
Fingerprint: 4e:d5:2c:c0:45:22:0b:5d:dc:d8:e7:ad:f2:47:a8:ae

Kex Algorithms:
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	arcfour256
	arcfour128
	aes128-cbc
	3des-cbc
	blowfish-cbc
	cast128-cbc
	aes192-cbc
	aes256-cbc
	arcfour
	rijndael-cbc@lysator.liu.se

MAC Algorithms:
	hmac-md5
	hmac-sha1
	umac-64@openssh.com
	hmac-ripemd160
	hmac-ripemd160@openssh.com
	hmac-sha1-96
	hmac-md5-96

Compression Algorithms:
	none
	zlib@openssh.com

89.31.146.229

Last Seen: 2024-05-20

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1722115835 | 2024-05-19T13:07:31.173376
80 / tcp

Apache httpd

-1545469636 | 2024-05-20T07:24:02.714260
443 / tcp

Apache httpd

-665749497 | 2024-05-20T21:09:10.847803
2222 / tcp

OpenSSH5.5p1 Debian 6+squeeze5

Products

Pricing

Contact Us

89.31.146.229

Last Seen: 2024-05-20

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1722115835 | 2024-05-19T13:07:31.173376 80 / tcp

Apache httpd

-1545469636 | 2024-05-20T07:24:02.714260 443 / tcp

Apache httpd

-665749497 | 2024-05-20T21:09:10.847803 2222 / tcp

OpenSSH5.5p1 Debian 6+squeeze5

Products

Pricing

Contact Us

1722115835 | 2024-05-19T13:07:31.173376
80 / tcp

-1545469636 | 2024-05-20T07:24:02.714260
443 / tcp

-665749497 | 2024-05-20T21:09:10.847803
2222 / tcp