GeneralInformation

Hostnames	battlescribe.net www.battlescribe.net battlescribeweb.j.layershift.co.uk b9956c34.reverse.layershift.co.uk
Domains	battlescribe.net layershift.co.uk
Country	United Kingdom
City	Sheffield
Organization	Layershift Limited
ISP	Layershift Limited
ASN	AS205072

WebTechnologies

Authentication

Google Sign-in

CDN

Google Hosted Libraries

cdnjs

Cloudflare

JavaScript frameworks

AngularJS1.5.8

Payment processors

Stripe

UI frameworks

Material Design Lite1.3.0

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-21490

7.5This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

CVE-2024-8373

4.8Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

CVE-2024-8372

4.8Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

2020(2)

CVE-2020-7676

5.4angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

CVE-2020-1938

7.5When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible.

2019(1)

CVE-2019-10768

7.5In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

OpenPorts

80 443 8009 8080 8443

80 / tcp

0 | 2025-02-28T02:20:58.036143

Hashes

hash

1013127771

http.dom_hash

http.html_hash

http.robots_hash

-936997243

http.server_hash

-43448623

HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://185.149.108.52/
Content-Length: 0
Date: Fri, 28 Feb 2025 02:20:57 GMT

443 / tcp

-1120014739 | 2025-03-06T23:18:03.382227

Hashes

hash

-479140116

http.dom_hash

-466368198

http.favicon.hash

-1226796498

http.html_hash

-1120014739

http.robots_hash

-936997243

http.server_hash

-43448623

http.title_hash

1948224870

BattleScribe: Build your army list. Fast.

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Accept-Ranges: bytes
ETag: W/"148591-1601822298000"
Last-Modified: Sun, 04 Oct 2020 14:38:18 GMT
Content-Type: text/html
Content-Length: 148591
Date: Thu, 06 Mar 2025 23:18:03 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:21:13:67:1b:0d:7e:17:c0:bf:1b:e6:8e:57:fc:96:c7:5b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Feb 10 09:03:17 2025 GMT
            Not After : May 11 09:03:16 2025 GMT
        Subject: CN=battlescribeweb.j.layershift.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f9:6e:f4:fa:c0:3a:93:75:24:7a:62:fd:80:1a:
                    ac:52:fc:37:06:9a:d0:f5:03:b5:77:82:4b:32:50:
                    91:2a:9a:9d:1f:02:44:23:60:30:25:42:23:83:85:
                    fc:0b:98:f9:56:b2:68:73:61:13:07:40:54:c2:09:
                    30:99:d6:4d:50:54:86:ec:b7:f1:eb:3d:dd:01:59:
                    9d:31:fc:bf:a0:be:22:5f:f4:33:17:0f:ba:ca:d4:
                    f4:2b:de:86:64:6b:17:a5:be:50:fd:49:99:42:ce:
                    a1:1a:a7:3d:3e:fd:e4:bf:d3:a4:78:ce:27:84:aa:
                    be:dd:ee:53:6d:16:28:ba:6c:11:5e:86:8b:8e:63:
                    f9:a9:d1:e5:fa:74:ef:3f:3c:74:87:a3:6e:ea:33:
                    21:1d:5c:5f:a9:a2:be:36:ee:8a:e4:ee:48:ad:c3:
                    94:1a:cc:98:73:40:0e:d9:a9:3d:4f:ae:1c:9b:9d:
                    7c:7d:8c:07:4d:37:06:a4:8b:fa:d3:50:a4:0a:d9:
                    24:c8:c9:10:ae:68:48:8e:b2:0e:fe:f2:0a:d9:e9:
                    c6:c0:f8:f6:0c:50:a2:f7:f3:0b:e1:7c:70:fe:0d:
                    82:77:c8:4e:3b:fa:ca:a5:f3:2c:5d:88:b7:a7:d7:
                    31:ba:48:ba:7c:9a:d6:d5:38:59:1f:86:e2:ba:74:
                    1b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                19:66:2D:9A:A6:A8:FA:DD:81:77:44:51:7D:F1:B3:F5:58:2C:B9:8E
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:battlescribe.net, DNS:battlescribeweb.j.layershift.co.uk, DNS:www.battlescribe.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Feb 10 10:01:47.596 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5E:17:3C:7D:0F:8A:7F:D3:73:DA:A0:AF:
                                2D:2C:19:F2:6B:D0:C1:0A:20:BE:9B:93:0F:A9:40:7B:
                                11:67:0F:D9:02:21:00:A2:01:5A:4D:09:77:FC:CC:BB:
                                AB:5E:C6:19:44:86:91:A6:95:46:0F:F1:13:52:C7:6C:
                                CB:E2:1C:FC:68:F6:DE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Feb 10 10:01:47.614 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AA:29:7B:19:BB:A2:3E:1A:21:BA:49:
                                64:FB:2D:E0:88:54:D1:17:62:FF:51:BE:37:E0:CB:95:
                                65:35:BC:84:63:02:20:6C:EC:80:AC:23:8D:94:68:8E:
                                D5:3A:F8:7B:DC:00:BF:34:9E:A8:63:D9:4B:F7:D8:9D:
                                12:3F:A8:C8:98:86:21
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b3:2c:db:15:e1:f5:0b:d9:c1:f2:d0:ce:96:b3:bc:64:55:05:
        5c:7a:3a:e6:85:72:e8:c0:b3:e4:1c:44:ad:54:0e:a1:4c:a8:
        ac:90:8c:8d:2a:ed:9c:1f:88:9e:22:1d:6c:44:64:8e:2e:f2:
        c0:30:04:d4:1f:01:c9:c3:fa:04:a8:26:22:d8:1c:2f:a0:6c:
        5a:62:40:1c:15:42:06:4a:04:c8:1c:d4:ff:8d:21:7f:53:d0:
        c9:d4:dc:8e:01:8d:85:89:ae:f6:ea:9a:2b:41:b3:05:28:2d:
        01:2a:75:4f:ce:9e:65:94:1e:50:7f:34:fd:0b:2d:53:66:00:
        8b:4b:ae:46:01:d3:10:97:b8:a7:2d:f3:81:73:5e:cf:75:62:
        aa:9d:aa:2c:4c:51:b8:7e:1b:4b:e5:ac:96:a3:14:03:bf:27:
        a4:6c:bb:8a:fe:00:80:87:a6:7c:fa:2f:4c:49:27:2d:b2:2a:
        89:d8:2f:4a:59:a4:7a:0f:43:d4:ff:b7:d9:9d:a4:02:07:46:
        1e:7b:a6:2b:fc:36:ca:e8:ad:cc:bb:92:79:e9:52:ff:a9:e3:
        62:34:7c:4b:5a:4e:2d:ca:fc:1b:da:a8:a3:53:df:bf:db:95:
        56:59:c6:29:f2:9a:79:e5:78:cf:d2:9b:1d:36:4d:2b:2c:6f:
        00:67:3c:38

Vulnerabilities

2 3

8009 / tcp

1992573866 | 2025-03-08T18:24:53.980352

<html><head><title>Apache Tomcat/7.0.67 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /asdadadas</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/asdadadas</u></p><p><b>description</b> <u>The requested resource is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.67</h3></body></html>

Vulnerabilities

8080 / tcp

0 | 2025-03-06T23:18:01.483565

Hashes

hash

361443057

http.dom_hash

http.html_hash

http.server_hash

-43448623

HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://185.149.108.52/
Content-Length: 0
Date: Thu, 06 Mar 2025 23:18:01 GMT

8443 / tcp

-1120014739 | 2025-02-15T22:11:03.421568

Hashes

hash

-1643263698

http.dom_hash

-466368198

http.favicon.hash

-1226796498

http.html_hash

-1120014739

http.robots_hash

-936997243

http.server_hash

-43448623

http.title_hash

1948224870

BattleScribe: Build your army list. Fast.

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Accept-Ranges: bytes
ETag: W/"148591-1601822298000"
Last-Modified: Sun, 04 Oct 2020 14:38:18 GMT
Content-Type: text/html
Content-Length: 148591
Date: Sat, 15 Feb 2025 22:11:03 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:21:13:67:1b:0d:7e:17:c0:bf:1b:e6:8e:57:fc:96:c7:5b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Feb 10 09:03:17 2025 GMT
            Not After : May 11 09:03:16 2025 GMT
        Subject: CN=battlescribeweb.j.layershift.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f9:6e:f4:fa:c0:3a:93:75:24:7a:62:fd:80:1a:
                    ac:52:fc:37:06:9a:d0:f5:03:b5:77:82:4b:32:50:
                    91:2a:9a:9d:1f:02:44:23:60:30:25:42:23:83:85:
                    fc:0b:98:f9:56:b2:68:73:61:13:07:40:54:c2:09:
                    30:99:d6:4d:50:54:86:ec:b7:f1:eb:3d:dd:01:59:
                    9d:31:fc:bf:a0:be:22:5f:f4:33:17:0f:ba:ca:d4:
                    f4:2b:de:86:64:6b:17:a5:be:50:fd:49:99:42:ce:
                    a1:1a:a7:3d:3e:fd:e4:bf:d3:a4:78:ce:27:84:aa:
                    be:dd:ee:53:6d:16:28:ba:6c:11:5e:86:8b:8e:63:
                    f9:a9:d1:e5:fa:74:ef:3f:3c:74:87:a3:6e:ea:33:
                    21:1d:5c:5f:a9:a2:be:36:ee:8a:e4:ee:48:ad:c3:
                    94:1a:cc:98:73:40:0e:d9:a9:3d:4f:ae:1c:9b:9d:
                    7c:7d:8c:07:4d:37:06:a4:8b:fa:d3:50:a4:0a:d9:
                    24:c8:c9:10:ae:68:48:8e:b2:0e:fe:f2:0a:d9:e9:
                    c6:c0:f8:f6:0c:50:a2:f7:f3:0b:e1:7c:70:fe:0d:
                    82:77:c8:4e:3b:fa:ca:a5:f3:2c:5d:88:b7:a7:d7:
                    31:ba:48:ba:7c:9a:d6:d5:38:59:1f:86:e2:ba:74:
                    1b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                19:66:2D:9A:A6:A8:FA:DD:81:77:44:51:7D:F1:B3:F5:58:2C:B9:8E
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:battlescribe.net, DNS:battlescribeweb.j.layershift.co.uk, DNS:www.battlescribe.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Feb 10 10:01:47.596 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5E:17:3C:7D:0F:8A:7F:D3:73:DA:A0:AF:
                                2D:2C:19:F2:6B:D0:C1:0A:20:BE:9B:93:0F:A9:40:7B:
                                11:67:0F:D9:02:21:00:A2:01:5A:4D:09:77:FC:CC:BB:
                                AB:5E:C6:19:44:86:91:A6:95:46:0F:F1:13:52:C7:6C:
                                CB:E2:1C:FC:68:F6:DE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Feb 10 10:01:47.614 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AA:29:7B:19:BB:A2:3E:1A:21:BA:49:
                                64:FB:2D:E0:88:54:D1:17:62:FF:51:BE:37:E0:CB:95:
                                65:35:BC:84:63:02:20:6C:EC:80:AC:23:8D:94:68:8E:
                                D5:3A:F8:7B:DC:00:BF:34:9E:A8:63:D9:4B:F7:D8:9D:
                                12:3F:A8:C8:98:86:21
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b3:2c:db:15:e1:f5:0b:d9:c1:f2:d0:ce:96:b3:bc:64:55:05:
        5c:7a:3a:e6:85:72:e8:c0:b3:e4:1c:44:ad:54:0e:a1:4c:a8:
        ac:90:8c:8d:2a:ed:9c:1f:88:9e:22:1d:6c:44:64:8e:2e:f2:
        c0:30:04:d4:1f:01:c9:c3:fa:04:a8:26:22:d8:1c:2f:a0:6c:
        5a:62:40:1c:15:42:06:4a:04:c8:1c:d4:ff:8d:21:7f:53:d0:
        c9:d4:dc:8e:01:8d:85:89:ae:f6:ea:9a:2b:41:b3:05:28:2d:
        01:2a:75:4f:ce:9e:65:94:1e:50:7f:34:fd:0b:2d:53:66:00:
        8b:4b:ae:46:01:d3:10:97:b8:a7:2d:f3:81:73:5e:cf:75:62:
        aa:9d:aa:2c:4c:51:b8:7e:1b:4b:e5:ac:96:a3:14:03:bf:27:
        a4:6c:bb:8a:fe:00:80:87:a6:7c:fa:2f:4c:49:27:2d:b2:2a:
        89:d8:2f:4a:59:a4:7a:0f:43:d4:ff:b7:d9:9d:a4:02:07:46:
        1e:7b:a6:2b:fc:36:ca:e8:ad:cc:bb:92:79:e9:52:ff:a9:e3:
        62:34:7c:4b:5a:4e:2d:ca:fc:1b:da:a8:a3:53:df:bf:db:95:
        56:59:c6:29:f2:9a:79:e5:78:cf:d2:9b:1d:36:4d:2b:2c:6f:
        00:67:3c:38

Vulnerabilities

2 3

185.149.108.52

Last Seen: 2025-03-08

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

0 | 2025-02-28T02:20:58.036143

Hashes

Apache Tomcat/Coyote JSP engine1.1

443 / tcp

-1120014739 | 2025-03-06T23:18:03.382227

Hashes

Apache Tomcat/Coyote JSP engine1.1

8009 / tcp

1992573866 | 2025-03-08T18:24:53.980352

Apache Tomcat7.0.67

8080 / tcp

0 | 2025-03-06T23:18:01.483565

Hashes

Apache Tomcat/Coyote JSP engine1.1

8443 / tcp

-1120014739 | 2025-02-15T22:11:03.421568

Hashes

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

185.149.108.52

Last Seen: 2025-03-08

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Port 8009 Port 8443 Latest CVSS

OpenPorts

80 / tcp 0 | 2025-02-28T02:20:58.036143

Hashes

Apache Tomcat/Coyote JSP engine1.1

443 / tcp -1120014739 | 2025-03-06T23:18:03.382227

Hashes

Apache Tomcat/Coyote JSP engine1.1

8009 / tcp 1992573866 | 2025-03-08T18:24:53.980352

Apache Tomcat7.0.67

8080 / tcp 0 | 2025-03-06T23:18:01.483565

Hashes

Apache Tomcat/Coyote JSP engine1.1

8443 / tcp -1120014739 | 2025-02-15T22:11:03.421568

Hashes

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

0 | 2025-02-28T02:20:58.036143

443 / tcp

-1120014739 | 2025-03-06T23:18:03.382227

8009 / tcp

1992573866 | 2025-03-08T18:24:53.980352

8080 / tcp

0 | 2025-03-06T23:18:01.483565

8443 / tcp

-1120014739 | 2025-02-15T22:11:03.421568