GeneralInformation

Hostnames	iaspire-learning.ciostage.accenture.com ec2-13-200-43-196.ap-south-1.compute.amazonaws.com
Domains	accenture.com amazonaws.com
Cloud Provider	Amazon
Cloud Region	ap-south-1
Cloud Service	EC2
Country	India
City	Mumbai
Organization	Amazon Data Services India
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

CDN

jsDelivr

JavaScript frameworks

RequireJS

JavaScript graphics

MathJax2.7.9

JavaScript libraries

jQuery3.7.1

LMS

Moodle

Programming languages

PHP

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(5)

CVE-2024-48901

4.3A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.

CVE-2024-48898

4.3A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

CVE-2024-48897

4.3A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.

CVE-2024-48896

4.3A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.

CVE-2024-38276

8.8Incorrect CSRF token checks resulted in multiple CSRF risks.

2023(1)

CVE-2023-39663

7.5Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

2010(2)

CVE-2010-4208

4.3Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf.

CVE-2010-4207

4.3Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf.

2007(1)

CVE-2007-6538

7.5SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter.

OpenPorts

80 443

80 / tcp

0 | 2025-04-05T22:45:35.775617

Hashes

hash

-1293820708

http.dom_hash

http.html_hash

HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Content-Length: 0
Connection: keep-alive

443 / tcp

-1520097894 | 2025-03-25T07:25:19.885116

Hashes

hash

2092395868

http.dom_hash

-1055408951

http.favicon.hash

96723558

http.html_hash

-1520097894

http.server_hash

-1340961475

http.title_hash

706393075

HTTP/1.1 200 OK
Date: Tue, 25 Mar 2025 07:25:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Set-Cookie: MoodleSession=8c867ib1ft86d4cob6snll6p2l; path=/; secure; HttpOnly; SameSite=None
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: no-store
Pragma: no-cache
Expires: 
Accept-Ranges: none
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' ams.hirepro.in betaams.hirepro.in indiacampus.ciostage.accenture.com;
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:bb:e0:84:a6:6f:8d:61:00:8e:3e:16:bb:15:64:8c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Aug 30 00:00:00 2024 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: C=US, ST=ILLINOIS, L=CHICAGO, O=Accenture LLP, CN=iaspire-learning.ciostage.accenture.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c1:a7:38:77:c2:6b:1c:ce:5c:8b:1c:7b:cd:27:
                    28:34:ec:72:d7:5d:9d:d3:00:ad:b7:3a:ce:2a:d9:
                    b2:a7:08:b0:dd:29:40:1b:1a:ed:84:e1:36:a8:d9:
                    b7:4e:2a:bb:ef:bc:3a:1e:52:c2:9e:39:68:c2:19:
                    29:6c:b1:a8:48:78:f1:cd:77:8b:5c:14:54:7e:d1:
                    41:2f:70:62:19:1b:56:52:f1:f8:b7:6f:58:b9:95:
                    70:4d:e8:2c:f4:c4:7e:03:42:48:41:31:23:30:bf:
                    93:66:fd:3e:ea:82:89:13:d7:dc:54:19:95:36:ac:
                    b2:66:7d:a6:76:16:c8:d5:80:71:86:76:0f:95:e4:
                    f5:9f:b9:6e:ef:fb:a4:0e:4f:00:13:7a:a5:d0:0e:
                    93:e7:6b:a3:b0:5a:fd:f3:ef:24:0f:14:a5:37:04:
                    0e:10:f8:41:e4:39:d6:ba:68:fd:ac:a2:81:9b:74:
                    5b:2f:b8:84:a0:e9:5c:68:a3:51:ea:0d:3d:0a:b0:
                    82:9e:7b:fa:a4:94:27:16:9b:1d:df:89:4e:1d:24:
                    19:8a:79:3e:58:5b:f5:e7:ca:e3:75:6e:ba:2a:d5:
                    7b:50:c7:47:ed:64:81:a3:5e:90:bc:40:75:96:7e:
                    6a:55:b7:8b:6d:2b:a9:50:cb:25:33:d1:2b:7a:92:
                    5d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17
            X509v3 Subject Key Identifier: 
                BF:43:95:2D:A9:EE:94:68:9E:51:0E:79:32:6D:65:86:CD:FF:47:3D
            X509v3 Subject Alternative Name: 
                DNS:iaspire-learning.ciostage.accenture.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
                Full Name:
                  URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Aug 30 08:05:06.919 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:03:6F:A6:FE:FA:50:6B:DC:1E:F6:2A:9C:
                                87:3C:FE:A3:77:5D:DA:1A:B5:EA:98:6F:70:FD:7A:7B:
                                3D:6A:49:E8:02:20:08:D2:01:E5:2C:DA:E0:5D:D9:FE:
                                DA:44:8F:9F:99:C1:30:4B:53:BA:5A:2D:9B:A8:09:CE:
                                07:D3:3D:E4:B2:28
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Aug 30 08:05:06.846 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:04:BE:4D:87:5B:91:A4:93:0D:FF:1C:76:
                                F3:4F:72:1F:E3:F5:78:8C:06:59:62:D2:C9:B5:7C:3E:
                                0D:28:61:89:02:20:14:F3:40:D1:46:05:02:D2:16:9C:
                                7D:59:E7:0B:37:22:94:59:53:FE:74:01:4F:73:49:DB:
                                A4:0B:3F:30:1D:C4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Aug 30 08:05:06.867 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F8:C3:B4:95:08:9E:78:E1:53:5B:15:
                                54:BB:DA:A1:E4:50:85:97:B9:95:FC:9B:A5:40:38:4C:
                                92:E6:B6:AB:25:02:20:4E:EF:CD:2B:92:48:90:6F:2B:
                                E8:F5:24:E1:07:7A:C9:BF:F5:0B:50:0B:3B:57:67:CB:
                                F5:12:C1:C5:47:BC:3C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7e:0a:8f:4b:fa:08:ad:3d:a3:9c:2e:27:c2:3a:b7:99:e7:b7:
        f1:05:78:36:84:e5:9e:a1:7c:82:e5:c5:d8:7b:25:76:7a:49:
        61:b7:36:60:f9:29:2d:e6:d0:5f:6b:22:93:bc:9e:af:d5:29:
        f9:b7:27:64:f1:6a:61:a3:e7:2c:f0:0c:2e:59:4c:5f:71:4a:
        21:52:65:da:be:b5:df:31:78:ab:a5:04:01:3c:56:7f:30:64:
        f9:45:ae:ab:2b:cb:ef:ac:5c:29:d0:c0:35:99:1a:4c:0f:09:
        6d:41:6b:51:40:87:57:6f:df:93:8f:9f:fb:c2:02:0f:4a:af:
        f1:fa:bf:ef:ca:02:1b:b5:24:e1:d9:2a:92:8b:bc:f7:4e:1a:
        57:cb:1d:7f:43:3e:7b:79:bc:30:a1:a8:f2:3e:8c:28:f4:53:
        38:39:40:dc:c8:bc:1c:75:7a:f9:2f:9b:4f:44:50:2c:d4:88:
        a3:18:c8:e1:83:9f:2c:35:52:0f:8c:49:b8:d4:ea:ec:f0:39:
        82:8e:a4:70:95:fa:eb:d9:37:05:c3:20:e0:7c:ee:99:8a:f1:
        90:b7:33:6f:19:cc:89:ce:08:39:0d:2d:a8:02:37:13:08:6a:
        e7:6f:18:f8:54:dd:4a:8f:b0:6b:b1:5a:d6:50:80:c0:60:84:
        0c:3f:a6:30

Vulnerabilities

3 6

13.200.43.196

Last Seen: 2025-04-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

0 | 2025-04-05T22:45:35.775617

Hashes

443 / tcp

-1520097894 | 2025-03-25T07:25:19.885116

Hashes

nginx

Products

Pricing

Contact Us

13.200.43.196

Last Seen: 2025-04-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 0 | 2025-04-05T22:45:35.775617

Hashes

443 / tcp -1520097894 | 2025-03-25T07:25:19.885116

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

0 | 2025-04-05T22:45:35.775617

443 / tcp

-1520097894 | 2025-03-25T07:25:19.885116