GeneralInformation

Hostnames	caribepay.com www.caribepay.com
Domains	caribepay.com
Cloud Provider	Azure
Cloud Region	eastus
Cloud Service	AzureCloud
Country	United States
City	Reston
Organization	Microsoft Corporation
ISP	Microsoft Corporation
ASN	AS8075
Operating System	Windows

WebTechnologies

JavaScript libraries

jQuery1.12.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

2014(1)

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

80 443 3389

80 / tcp

499192411 | 2025-03-17T06:00:55.355192

Hashes

hash

1911903516

http.dom_hash

-547917072

http.html_hash

499192411

http.server_hash

-945770239

http.title_hash

2094765716

Document Moved

HTTP/1.1 303 See Other
Content-Type: text/html; charset=UTF-8
Location: https://52.226.135.77/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 17 Mar 2025 06:00:55 GMT
Content-Length: 145

Vulnerabilities

443 / tcp

-1495256056 | 2025-03-26T17:27:00.725361

Hashes

hash

-157308632

http.dom_hash

1323294091

http.favicon.hash

1986255962

http.html_hash

-1495256056

http.server_hash

-945770239

http.title_hash

-2103308160

CaribePay - cashless payments in the Caribbean

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 26 Mar 2025 17:27:00 GMT
Content-Length: 41735

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3085238962907622334 (0x2ad0f87d8f4dabbe)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Jan 24 17:25:41 2025 GMT
            Not After : Feb 25 17:25:41 2026 GMT
        Subject: CN=www.caribepay.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8e:65:55:61:05:12:03:d9:b7:ea:10:af:40:47:
                    93:49:97:1f:c8:8a:45:79:28:24:66:e8:7c:f3:ce:
                    f7:5a:e5:af:26:28:0b:96:f9:e7:62:a4:a3:1a:13:
                    28:ad:2f:ce:29:f7:0b:53:8b:88:87:64:7d:69:3d:
                    52:8d:31:9a:c0:86:c8:c0:85:c3:e1:b8:be:66:92:
                    7f:48:37:44:65:15:e9:58:6d:a9:39:2c:d0:bf:42:
                    b5:dc:00:1b:6d:be:ec:a8:bf:b9:28:e7:d9:75:a4:
                    37:65:44:3a:23:dc:93:a3:f6:f7:88:60:01:48:da:
                    c9:f4:c1:ce:b2:73:02:fa:77:9c:a5:e5:1a:c3:f1:
                    ab:5f:dc:6b:32:91:a2:2a:41:65:26:44:db:de:3d:
                    0b:85:fa:b4:01:fc:3e:6e:f9:4f:37:71:a6:05:d1:
                    8d:fe:71:fe:7d:ac:55:1e:84:d6:7c:a5:0f:e1:31:
                    11:07:3e:0b:3e:30:f8:81:78:84:5e:04:e2:b7:d2:
                    a7:22:c3:94:e0:39:8e:06:97:31:6f:31:23:7e:16:
                    7c:d7:22:ce:dd:06:a9:ae:41:ee:0f:d8:aa:0d:e9:
                    a9:7c:23:33:3e:32:b1:53:f7:9a:45:6c:7c:69:c7:
                    d5:51:2a:6d:f8:bf:dc:b5:71:7d:41:6b:cd:31:39:
                    98:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.godaddy.com/gdig2s1-37997.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
            X509v3 Authority Key Identifier: 
                40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
            X509v3 Subject Alternative Name: 
                DNS:www.caribepay.com, DNS:caribepay.com
            X509v3 Subject Key Identifier: 
                2F:59:9F:FC:32:66:D2:A6:A2:E6:65:F9:E5:39:9E:09:99:DB:10:1D
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Jan 24 17:25:42.503 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CD:5A:53:37:1D:92:26:68:6D:1B:FC:
                                8B:24:1C:39:88:11:93:A2:75:D6:5C:F0:61:47:9F:C6:
                                35:9C:6C:52:B3:02:20:07:38:AD:0A:FB:92:10:D9:B6:
                                E8:20:C0:9F:74:E9:F1:6E:62:E6:07:6A:DD:42:E2:B1:
                                1E:70:58:9B:9E:D8:B2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Jan 24 17:25:42.660 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B2:3E:77:70:B8:A1:5B:AB:D8:20:85:
                                BD:50:59:6C:B7:14:5F:3A:AC:65:5C:73:DD:DA:51:3E:
                                7E:7B:D2:0B:7B:02:20:66:F3:18:E4:6D:E6:01:09:1F:
                                C2:F1:5B:B4:F7:7E:58:E5:D8:7E:46:E3:3E:C4:D7:01:
                                BA:03:34:37:D9:DC:8F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
                                F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
                    Timestamp : Jan 24 17:25:42.789 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:20:87:EF:A6:C3:49:76:8C:44:79:C1:F4:
                                05:E5:F1:98:4B:57:B3:10:1E:87:BE:C3:23:0A:47:BF:
                                8B:F3:F6:33:02:21:00:D2:E5:58:4D:52:6E:1F:02:4B:
                                8B:5F:6C:38:0F:7D:FE:85:FC:32:10:A7:B1:EB:17:F7:
                                F8:D9:86:BC:CC:EC:0A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        43:85:34:07:c8:32:25:56:4b:a0:22:49:9b:c0:8c:4b:a2:f5:
        ad:12:23:55:21:43:e4:78:c8:55:c2:ef:bf:73:b2:d8:71:bd:
        d1:8b:fb:05:33:6f:46:7e:54:89:9f:a7:ad:30:07:88:a8:86:
        65:1f:dd:74:a3:42:22:a4:0a:39:2b:54:74:7a:9c:7a:0f:4a:
        2d:e4:41:80:03:9a:22:4b:67:5a:70:70:3e:a0:de:28:fb:60:
        ea:84:a6:78:f7:c1:b0:d2:c8:9f:e4:a3:b3:6d:0e:67:c4:77:
        59:10:d1:a2:fc:f3:53:0d:96:f9:ae:08:0c:ba:3d:aa:7f:42:
        bf:d7:d0:d9:0f:64:76:40:c6:cf:4a:ad:5e:90:75:ac:72:5c:
        f9:44:dd:1c:32:6b:b4:7c:73:25:6a:92:d8:99:92:8b:d2:ed:
        81:31:54:71:d2:a2:7c:72:a7:18:5e:98:0c:0b:db:b1:31:0f:
        b1:cc:13:43:e9:95:c0:a3:b8:69:dd:69:4a:1d:5e:97:1d:fe:
        0d:7d:6a:47:0c:0e:cc:9e:0e:e2:41:b6:34:1b:aa:b6:3d:53:
        36:ed:c1:41:5d:53:e3:7c:37:13:85:1a:01:1b:cf:5f:df:cb:
        48:84:91:d9:09:9a:91:17:2e:67:60:e1:fc:25:01:c9:5e:25:
        f1:90:cc:4f

Vulnerabilities

3389 / tcp

-148084853 | 2025-03-22T03:09:56.109013

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: CPayTestVM2
  NetBIOS Domain Name: CPayTestVM2
  NetBIOS Computer Name: CPayTestVM2
  DNS Domain Name: CPayTestVM2
  FQDN: CPayTestVM2

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:87:5a:cc:58:55:46:bf:4b:fb:55:ff:37:5a:be:fe
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CPayTestVM2
        Validity
            Not Before: Dec 17 05:52:21 2024 GMT
            Not After : Jun 18 05:52:21 2025 GMT
        Subject: CN=CPayTestVM2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e0:cc:d4:52:81:71:d3:44:a0:4f:63:43:c4:96:
                    46:62:18:8a:52:15:58:3a:d1:2c:4e:ed:51:09:f7:
                    5e:54:d9:9d:03:ba:94:86:9d:77:4d:dd:e9:91:7c:
                    0b:df:b4:88:1a:a7:7e:1a:96:76:13:e8:d4:67:44:
                    02:49:98:fb:74:58:c6:23:ce:31:3d:e9:d2:61:16:
                    d1:34:ea:34:ad:05:69:ea:d6:0f:42:fa:8b:67:2d:
                    08:59:a2:2d:dd:8a:53:c6:20:4f:7c:43:32:77:63:
                    7d:25:8f:0f:65:3c:30:cd:25:ea:c2:49:e5:f2:67:
                    2c:f5:19:8f:cd:9d:29:66:f1:d8:15:45:7b:c4:0b:
                    e8:ec:3d:4d:bc:3d:54:a7:2b:34:84:a6:b7:d5:80:
                    32:b7:f9:c7:16:78:b4:e7:25:a1:48:dd:22:28:39:
                    47:2e:b2:73:83:d3:78:c9:a8:80:5f:96:fd:0c:db:
                    7b:24:f4:54:b9:34:f4:f0:d3:b3:4c:0d:07:c2:d9:
                    c1:f6:fe:67:82:d9:03:90:28:12:e5:58:85:1a:e9:
                    5d:bd:82:a0:89:2e:e5:ab:6b:67:ad:8f:dd:37:39:
                    e3:26:b4:c1:71:04:d3:10:e2:2c:39:57:01:f2:a8:
                    cd:1c:75:12:6a:d8:81:fb:33:af:ab:8d:22:9d:fb:
                    75:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        80:3c:8a:44:39:43:c3:19:37:af:33:72:ba:c0:90:e5:c9:88:
        f9:c8:06:4f:11:10:f5:13:df:9b:c8:b6:e4:4b:b2:03:3b:bd:
        79:c1:13:8d:85:3e:e4:96:ff:6a:ab:f8:fe:f8:1d:30:b1:16:
        9a:ba:87:e2:f6:ef:4c:d6:70:cb:22:cb:45:2f:2f:c0:75:09:
        c9:60:9e:03:32:58:dd:0b:b3:68:17:44:4a:b0:15:4e:92:6f:
        49:5d:50:c8:91:46:4b:b8:d0:43:90:42:e9:15:9a:0b:ae:38:
        ac:84:3f:74:da:e0:58:21:c9:e6:3d:01:af:45:93:34:d8:18:
        26:0d:0c:f6:a4:52:85:a8:13:30:57:48:f3:44:67:12:80:b5:
        c2:4e:70:c2:6d:ee:89:11:64:bd:35:e9:3d:c6:2d:00:72:f0:
        60:ff:b0:4e:cb:c1:70:c7:21:f2:03:98:fa:f9:10:90:b6:3b:
        46:a2:67:26:1f:b9:72:ad:07:78:b5:ce:a3:14:0c:1c:51:24:
        dd:4d:6e:5e:18:62:e3:a5:51:42:4c:5d:25:c0:2f:42:6f:38:
        e0:cf:8b:93:e5:ac:4d:a3:57:da:1e:d7:ff:04:d3:da:5a:04:
        1f:ca:dd:99:6d:2b:eb:82:3f:d0:95:38:ac:8c:24:01:a6:a0:
        4a:75:71:1d

52.226.135.77

Last Seen: 2025-03-26

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

499192411 | 2025-03-17T06:00:55.355192

Hashes

Microsoft IIS httpd8.5

443 / tcp

-1495256056 | 2025-03-26T17:27:00.725361

Hashes

Microsoft IIS httpd8.5

3389 / tcp

-148084853 | 2025-03-22T03:09:56.109013

Remote Desktop Protocol

Products

Pricing

Contact Us

52.226.135.77

Last Seen: 2025-03-26

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp 499192411 | 2025-03-17T06:00:55.355192

Hashes

Microsoft IIS httpd8.5

443 / tcp -1495256056 | 2025-03-26T17:27:00.725361

Hashes

Microsoft IIS httpd8.5

3389 / tcp -148084853 | 2025-03-22T03:09:56.109013

Remote Desktop Protocol

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

499192411 | 2025-03-17T06:00:55.355192

443 / tcp

-1495256056 | 2025-03-26T17:27:00.725361

3389 / tcp

-148084853 | 2025-03-22T03:09:56.109013