GeneralInformation

Hostnames	appsec-labs.com www.appsec-labs.com
Domains	appsec-labs.com
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	Clifton
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

Blogs

WordPress

CMS

WordPress

Databases

MySQL

Ecommerce

WooCommerce8.6.1

Abicart

MailChimp

Form builders

Contact Form 75.9.2

JavaScript graphics

Chart.js

JavaScript libraries

Magnific Popup5.6.10

Marketing automation

Icegram3.1.22

MailChimp

Photo galleries

Slider Revolution6.6.20

Programming languages

PHP

SEO

Yoast SEO22.2

Widgets

Max Mega Menu5.6.10

Slider Revolution6.6.20

WordPress plugins

WooCommerce8.6.1

Contact Form 75.9.2

MailChimp for WooCommerce3.7.07

Max Mega Menu5.6.10

Yoast SEO22.2

Icegram3.1.22

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-9944

5.3The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. This is due to the plugin not properly neutralizing HTML elements from submitted order forms. This makes it possible for unauthenticated attackers to inject arbitrary HTML that will render when the administrator views order form submissions.

OpenPorts

25 80 443

25 / tcp

-545068108 | 2025-03-14T23:30:40.560212

220 site ESMTP Postfix (Ubuntu)
250-site
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            9d:5f:b5:54:b7:b0:2b:f8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=site
        Validity
            Not Before: Nov  4 09:19:57 2014 GMT
            Not After : Nov  1 09:19:57 2024 GMT
        Subject: CN=site
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:12:51:e9:3c:0e:33:3b:af:b7:7e:79:07:a5:
                    e8:78:94:05:55:64:dc:63:b8:16:3c:db:88:73:cd:
                    fd:3d:dc:43:70:26:ba:d4:e3:41:f8:0f:93:fa:09:
                    0e:1b:35:07:9c:24:ec:40:45:fe:2f:12:b2:e8:84:
                    00:53:b1:63:50:6e:86:89:76:e9:57:58:61:17:95:
                    7c:a6:17:7b:2b:88:83:78:f7:fc:a7:51:18:f9:4e:
                    5f:ea:5d:5e:47:42:51:89:a0:6a:1a:f4:27:9a:21:
                    5a:2e:35:1d:5d:29:fc:c4:4e:db:c1:8a:4a:aa:3c:
                    d4:4f:b0:0f:95:9f:1d:0a:0e:6e:a2:0e:7e:07:c8:
                    23:38:41:b5:31:f0:93:69:58:4e:67:af:8b:fc:8a:
                    70:09:28:7d:64:15:97:81:37:e6:3d:a5:13:57:36:
                    8e:94:9d:6c:20:97:a0:3c:6a:1d:c5:6f:84:c8:3f:
                    c4:5e:b6:f2:8e:73:ba:f0:f4:1a:63:0e:ad:3f:0d:
                    0d:88:67:4d:3e:39:74:ea:08:c2:0b:42:bd:c2:1c:
                    fc:90:19:47:66:c9:48:4b:b6:8e:a8:06:a8:7b:9d:
                    5b:c0:6c:85:95:de:ee:b8:62:aa:33:ea:08:7f:5c:
                    a7:e1:8f:e9:2b:bb:fd:d3:81:81:80:11:67:a1:44:
                    ed:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        34:6d:95:11:93:80:54:c3:2c:2c:24:72:90:50:f0:e1:50:68:
        f6:98:de:2a:95:9d:17:ce:0f:f3:01:28:bb:51:5c:5a:8b:34:
        dc:4c:8c:4e:85:03:50:42:ea:c3:55:18:a2:ce:c8:f9:01:fe:
        72:b4:7b:7f:cc:d4:f2:24:51:75:de:f3:5d:e2:03:c8:e7:60:
        76:be:7e:d1:f5:05:1f:4d:52:eb:0b:b2:bb:98:f0:7d:b4:ff:
        33:70:7d:7a:76:d6:7b:2c:4e:ff:b5:32:97:24:c8:f2:ce:28:
        b0:38:a5:48:1a:2c:33:90:62:97:ae:de:30:a6:11:5d:00:20:
        c6:80:ce:e8:e1:f2:93:48:a6:28:e2:a0:c1:2a:41:53:a2:56:
        df:9b:61:fd:95:57:a1:81:78:72:0b:3f:b7:70:1f:0d:6a:b2:
        d3:d3:23:10:69:76:5d:9a:60:26:9d:16:42:ab:08:ec:b2:29:
        29:45:39:dc:50:1b:88:0e:7c:18:c9:0e:17:27:9c:ab:a2:6f:
        a8:d0:0b:4d:32:b9:e5:85:53:b4:6e:bd:59:67:f7:7c:23:ac:
        08:10:7e:4d:a2:bb:26:de:06:f5:53:a5:1a:68:a6:52:bb:64:
        68:6d:c0:43:10:6c:8a:87:ba:eb:49:93:7d:48:f8:69:24:fd:
        c5:09:98:52

80 / tcp

-1093132874 | 2025-03-10T18:46:04.869244

Hashes

hash

-1589642593

http.dom_hash

1894649704

http.html_hash

-1093132874

http.server_hash

869690771

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Date: Mon, 10 Mar 2025 18:46:04 GMT
Server: Apache
Location: https://appsec-labs.com/
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1

443 / tcp

1894513508 | 2025-02-21T17:30:33.128966

Hashes

hash

733836254

http.dom_hash

-1772243774

http.favicon.hash

1819690657

http.html_hash

1894513508

http.robots_hash

1210617661

http.server_hash

869690771

http.title_hash

-748248462

AppSec Labs - Application Security

HTTP/1.1 200 OK
Date: Fri, 21 Feb 2025 17:30:31 GMT
Server: Apache
Set-Cookie: mailchimp_landing_site=https%3A%2F%2Foldsite.appsec-labs.com%2F; expires=Fri, 21-Mar-2025 17:30:32 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://oldsite.appsec-labs.com/>; rel=shortlink
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:4a:28:1b:47:0b:0e:e7:47:f3:1b:78:16:49:9a:f7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
        Validity
            Not Before: Apr 24 00:00:00 2024 GMT
            Not After : Apr 24 23:59:59 2025 GMT
        Subject: C=IL, ST=Tel Aviv, O=APPSEC APPLICATION SECURITY LTD, CN=appsec-labs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b2:3b:34:4c:1e:89:8c:fe:fd:0b:ce:45:55:76:
                    a8:55:0a:0d:69:5e:f6:c9:36:c3:71:1b:85:50:60:
                    94:23:67:a0:0c:8d:c6:88:4d:e8:fd:b4:ff:63:b8:
                    35:4e:97:64:31:51:a5:a9:43:a2:13:5e:02:ee:aa:
                    fa:da:f0:51:4f:32:bb:a9:4f:09:fc:49:e3:c7:70:
                    57:47:20:17:db:cf:49:bf:5e:3e:24:cf:26:65:9b:
                    41:9a:ac:a6:0c:d7:bc:1d:f9:bb:08:61:08:44:6d:
                    6d:a1:2f:e6:6f:a8:07:c1:37:fb:f7:f0:e7:ff:0b:
                    41:32:77:39:b5:56:b4:7d:46:e7:86:29:50:65:e1:
                    63:60:ad:ee:cc:cc:fd:be:a0:a5:32:7d:b1:00:01:
                    af:4c:9d:ff:0e:92:7c:5d:c6:30:05:e1:c0:0a:83:
                    40:4a:0b:48:6b:0b:98:84:91:16:9a:88:46:c3:f5:
                    e5:fe:97:53:b6:01:cc:81:6a:ab:3b:ef:81:a2:bd:
                    26:c4:53:70:b5:ea:f3:be:dc:13:9c:33:ac:66:69:
                    a6:c0:cc:9e:71:d3:33:0e:2b:e3:75:a2:1a:d9:3f:
                    39:85:47:6b:54:75:42:10:eb:9d:a5:5e:1f:2a:0d:
                    4f:84:09:63:bc:99:ca:7f:e9:c5:ac:d3:94:4d:78:
                    57:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
            X509v3 Subject Key Identifier: 
                BB:90:09:0D:1A:5A:05:A3:54:D4:8C:B6:51:4F:A7:B7:1B:56:45:52
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:appsec-labs.com, DNS:www.appsec-labs.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr 24 18:12:07.615 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C2:63:1C:3F:C8:C7:8C:0A:5D:C3:5C:
                                9A:B1:70:CB:8C:51:6A:BE:83:E9:AD:85:72:2D:CE:A6:
                                E7:2F:EE:43:0D:02:21:00:E3:E3:C5:FB:0B:0D:C0:2F:
                                DD:3A:E8:60:CD:79:9E:35:92:26:A6:02:95:40:58:8F:
                                AD:18:FD:FF:B9:8E:07:FF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr 24 18:12:07.542 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1B:35:85:7D:B1:A8:47:6A:AC:A2:F7:28:
                                50:33:84:BF:B7:3F:8D:DC:EF:EF:07:35:D5:ED:D4:AA:
                                CF:25:A1:93:02:21:00:FC:01:C3:81:76:0D:FE:AC:A1:
                                8B:21:F4:7E:C2:3E:E2:74:6F:50:80:C0:1F:FC:5F:3D:
                                A8:7E:A2:00:CD:A2:17
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr 24 18:12:07.518 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:DA:E4:A5:91:DD:50:A6:DE:7C:CD:E1:
                                E4:83:10:B3:E5:13:50:AF:17:9C:F8:FC:CE:74:DB:E1:
                                D2:D6:5B:84:17:02:21:00:EC:38:0A:56:5D:61:66:39:
                                3F:D0:2C:18:B0:A5:27:2D:B6:67:CD:C3:6E:F9:CC:0C:
                                09:BB:3A:BB:CA:C0:0D:30
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        83:f3:34:69:0f:25:f2:ff:44:71:8b:76:52:b2:cf:2a:e4:d8:
        fc:25:a8:3a:04:84:37:7c:1d:4f:3f:5b:ba:75:83:df:59:95:
        10:c6:00:81:25:bb:8c:f1:c1:ee:10:e0:c6:f4:f9:d1:a3:99:
        a8:87:e6:99:fc:c7:11:b3:6d:c7:2b:fa:c9:cb:ad:cb:d1:4a:
        c6:c5:cb:a7:82:62:4a:60:d8:7c:08:d2:ea:68:89:98:8a:97:
        c4:25:b9:8f:5b:ff:1a:2a:33:f3:77:fe:cc:8c:64:38:ed:fa:
        61:81:db:c6:6a:1a:e9:94:c7:c4:39:d8:8a:ea:c4:59:dd:ef:
        7c:cd:50:e2:67:6a:26:af:18:04:ea:17:c7:86:52:98:dd:b6:
        2a:aa:b9:aa:e4:c9:a3:bc:a5:b0:13:c1:0f:fb:54:b0:1f:9f:
        15:ae:6b:6f:23:32:4f:77:00:c5:9b:af:13:02:ff:d6:7b:24:
        60:4e:1a:2b:cd:cc:4d:68:77:5d:e6:d3:c9:2b:89:0b:3e:ba:
        7c:77:7b:06:58:d0:4f:fe:ed:8e:3c:8f:d0:dc:46:77:da:03:
        78:02:3a:71:62:a2:68:90:c6:1b:32:46:34:b7:95:10:32:dd:
        57:60:23:ef:1f:09:ff:04:26:ab:a8:f0:5f:87:d4:09:53:31:
        1c:49:a1:46

Vulnerabilities

104.236.45.116

Last Seen: 2025-03-14

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

25 / tcp

-545068108 | 2025-03-14T23:30:40.560212

Postfix smtpd

80 / tcp

-1093132874 | 2025-03-10T18:46:04.869244

Hashes

Apache httpd

443 / tcp

1894513508 | 2025-02-21T17:30:33.128966

Hashes

Apache httpd

Products

Pricing

Contact Us

104.236.45.116

Last Seen: 2025-03-14

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

25 / tcp -545068108 | 2025-03-14T23:30:40.560212

Postfix smtpd

80 / tcp -1093132874 | 2025-03-10T18:46:04.869244

Hashes

Apache httpd

443 / tcp 1894513508 | 2025-02-21T17:30:33.128966

Hashes

Apache httpd

Products

Pricing

Contact Us

Vulnerabilities

25 / tcp

-545068108 | 2025-03-14T23:30:40.560212

80 / tcp

-1093132874 | 2025-03-10T18:46:04.869244

443 / tcp

1894513508 | 2025-02-21T17:30:33.128966