GeneralInformation

Hostnames	adsl-89-165-5-242.sabanet.ir
Domains	sabanet.ir
Country	Iran, Islamic Republic of
City	Shiraz
Organization	Neda Gostar Saba Data Transfer Company Private Joint Stock - Tehran
ISP	NGSAS NedaGostarSaba
ASN	AS39501

WebTechnologies

JavaScript frameworks

JavaScript graphics

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 81 443 554 3000 8082 9100

-2057155424 | 2024-03-31T05:55:20.487828

80 / tcp

HTTP/1.0 200 OK
Date: Sun, 31 Mar 2024 05:58:38 GMT
Server: Boa/0.94.13
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization
Connection: close
Content-Length: 33151
Last-Modified: Mon, 22 Jul 2019 09:59:09 GMT
Cache-Control: no-cache,must-revalidate
Content-Type: text/html

1260479577 | 2024-04-04T01:32:39.742996

81 / tcp

HTTP/1.1 405 Method Not Allowed
Server: gSOAP/2.8
Content-Type: text/xml; charset=utf-8
Content-Length: 3420
Connection: close

-2057155424 | 2024-04-19T05:05:13.810396

443 / tcp

HTTP/1.0 200 OK
Date: Fri, 19 Apr 2024 05:09:47 GMT
Server: Boa/0.94.13
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization
Connection: close
Content-Length: 33151
Last-Modified: Mon, 22 Jul 2019 09:59:09 GMT
Cache-Control: no-cache,must-revalidate
Content-Type: text/html

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:a7:75:b6:f8:de:29:a1
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=CN, ST=Tianjin, O=Tiandy Tech, CN=dvr_ui
        Validity
            Not Before: May  2 05:32:17 2013 GMT
            Not After : Apr 30 05:32:17 2023 GMT
        Subject: C=CN, ST=Tianjin, O=Tiandy Tech, CN=dvr_ui
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:e3:99:5d:0c:48:6a:13:3f:2b:88:c1:48:3d:db:
                    1b:74:27:cd:7d:72:bf:63:5d:d6:61:82:b4:e9:72:
                    42:5f:47:e9:3b:25:37:1d:75:15:c8:b7:16:80:70:
                    e6:c8:6a:72:5e:28:5f:98:e6:87:63:d3:81:0f:91:
                    4f:40:04:98:35:c0:b3:cd:5c:36:ca:75:0b:1c:bd:
                    1d:e6:46:96:4c:d9:57:8d:60:2a:f1:6a:23:3b:63:
                    09:21:b1:95:8a:66:b4:85:94:3f:b8:f5:b3:93:a8:
                    73:39:12:32:41:03:c5:b7:79:f8:fc:68:6e:54:da:
                    54:e4:82:e6:52:ce:fe:9e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7C:2B:AB:F6:7C:76:A8:7E:FC:80:3D:1F:E0:BC:CF:99:B4:E4:B1:B2
            X509v3 Authority Key Identifier: 
                7C:2B:AB:F6:7C:76:A8:7E:FC:80:3D:1F:E0:BC:CF:99:B4:E4:B1:B2
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        a9:ba:57:cd:c9:e0:7b:7e:f1:f7:98:f4:98:5e:b4:52:8f:8f:
        72:8e:78:6f:1b:62:b6:73:b2:48:16:78:be:64:ac:be:c4:a8:
        2c:27:e0:b2:93:18:80:f4:8f:d7:b0:d8:50:0a:44:a1:a1:9f:
        21:3b:76:ad:55:d9:af:87:e1:f2:4d:4b:2c:2a:fd:51:0d:03:
        55:38:b0:60:ae:12:47:31:6b:1d:2f:a6:c0:49:9c:e7:0a:c9:
        ef:a3:25:e1:1c:12:f5:b5:64:02:f6:95:60:7d:04:83:65:27:
        0d:5b:b3:bb:c0:28:f4:bc:70:b2:af:c1:c6:f6:71:0a:33:1b:
        e9:2f

-1925465756 | 2024-04-18T15:34:02.040662

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Date: Thu, 18 Apr 2024 19:08:36 GMT
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, SET_PARAMETER, GET_PARAMETER
Server: RTSP Server

-2053066835 | 2024-03-31T14:31:58.742303

3000 / tcp

220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 2 of 5 allowed.
220-Local time is now 18:05. Server port: 3000.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

570015465 | 2024-04-19T19:24:18.414170

8082 / tcp

HTTP/1.1 405 Method Not Allowed
Server: gSOAP/2.8
Content-Type: text/xml; charset=utf-8
Content-Length: 3371
Connection: close

-57954756 | 2024-04-13T08:32:22.506505

9100 / tcp

HTTP/1.0 200 OK
Cache-Control: no-store

89.165.5.242

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2057155424 | 2024-03-31T05:55:20.487828
80 / tcp

Boa HTTPd0.94.13

1260479577 | 2024-04-04T01:32:39.742996
81 / tcp

gSOAP soap2.8

-2057155424 | 2024-04-19T05:05:13.810396
443 / tcp

Boa HTTPd0.94.13

-1925465756 | 2024-04-18T15:34:02.040662
554 / tcp

-2053066835 | 2024-03-31T14:31:58.742303
3000 / tcp

Pure-FTPd

570015465 | 2024-04-19T19:24:18.414170
8082 / tcp

gSOAP soap2.8

-57954756 | 2024-04-13T08:32:22.506505
9100 / tcp

Products

Pricing

Contact Us

89.165.5.242

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2057155424 | 2024-03-31T05:55:20.487828 80 / tcp

Boa HTTPd0.94.13

1260479577 | 2024-04-04T01:32:39.742996 81 / tcp

gSOAP soap2.8

-2057155424 | 2024-04-19T05:05:13.810396 443 / tcp

Boa HTTPd0.94.13

-1925465756 | 2024-04-18T15:34:02.040662 554 / tcp

-2053066835 | 2024-03-31T14:31:58.742303 3000 / tcp

Pure-FTPd

570015465 | 2024-04-19T19:24:18.414170 8082 / tcp

gSOAP soap2.8

-57954756 | 2024-04-13T08:32:22.506505 9100 / tcp

Products

Pricing

Contact Us

-2057155424 | 2024-03-31T05:55:20.487828
80 / tcp

1260479577 | 2024-04-04T01:32:39.742996
81 / tcp

-2057155424 | 2024-04-19T05:05:13.810396
443 / tcp

-1925465756 | 2024-04-18T15:34:02.040662
554 / tcp

-2053066835 | 2024-03-31T14:31:58.742303
3000 / tcp

570015465 | 2024-04-19T19:24:18.414170
8082 / tcp

-57954756 | 2024-04-13T08:32:22.506505
9100 / tcp