GeneralInformation

Hostnames	ip-80-90-17-39.ax5z.com bfa.gv.at www.bfa.gv.at
Domains	ax5z.com bfa.gv.at
Country	Germany
City	Frankfurt am Main
Organization	SOPRADO GmbH
ISP	SOPRADO GmbH
ASN	AS20546

WebTechnologies

JavaScript libraries

jQuery2.2.4

bxSlider

Lightbox

Photo galleries

bxSlider

UI frameworks

Bootstrap

Web frameworks

Microsoft ASP.NET

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443

80 / tcp

-1308249831 | 2025-03-21T12:31:16.459490

Hashes

hash

886689427

http.dom_hash

701183239

http.html_hash

-1308249831

http.server_hash

-2016146065

http.title_hash

-53694830

Protected

HTTP/1.1 200 OK
Server: myracloud
Date: Fri, 21 Mar 2025 12:31:15 GMT
Content-Type: text/html
Content-Length: 12361
Last-Modified: Wed, 24 Jul 2024 11:42:26 GMT
Connection: keep-alive
ETag: "66a0e8a2-3049"
Accept-Ranges: bytes

443 / tcp

1909824440 | 2025-03-25T02:07:19.349578

Hashes

hash

-1902295476

http.dom_hash

-1791333333

http.favicon.hash

1475373999

http.html_hash

1909824440

http.server_hash

-2016146065

Bundesamt für Fremdenwesen und Asyl (BFA)

HTTP/1.1 200 OK
Server: myracloud
Date: Tue, 25 Mar 2025 02:07:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=4mmzu2zj21ahmqavjovmzej4; path=/; secure; HttpOnly; SameSite=Lax
X-UA-Compatible: IE=Edge
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0; mode=block
Strict-Transport-Security: max-age=31536000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            bc:b3:95:ff:15:cf:d5:53:d4:c2:86:ca:34:f9:ec:d4
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=NL, O=GEANT Vereniging, CN=GEANT OV RSA CA 4
        Validity
            Not Before: Apr  3 00:00:00 2024 GMT
            Not After : Apr  3 23:59:59 2025 GMT
        Subject: C=AT, ST=Wien, O=Bundesministerium f\xC3\xBCr Inneres, CN=bfa.gv.at
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c4:d1:c7:ec:93:f3:42:6b:d0:2e:a4:de:4b:21:
                    62:8a:af:96:dd:9b:5e:bc:7d:44:33:45:95:b7:25:
                    8a:00:67:14:3f:44:3b:d3:0b:51:f6:2e:b8:e8:13:
                    20:d4:81:b2:25:ca:cb:37:57:3b:0d:09:a0:59:7d:
                    e4:d2:04:a8:ea:87:65:24:86:ed:38:51:3d:31:a9:
                    d9:a8:25:85:c4:d1:75:2c:d3:65:22:46:dc:f8:1d:
                    01:f0:87:bf:ca:69:02:0b:49:f6:25:91:c0:92:7c:
                    db:50:3c:3f:01:99:3d:81:24:ff:c5:d2:08:2c:09:
                    47:e4:46:38:13:0e:36:ee:77:1e:1f:8b:1c:e3:52:
                    24:48:76:3a:d0:36:65:70:02:b9:a8:51:3e:fb:b7:
                    b2:79:b5:1d:84:d0:21:d8:79:e5:ef:4b:5d:e1:c7:
                    70:9c:45:85:dd:7e:c9:2b:8d:33:1a:ba:32:24:e2:
                    f9:f7:d1:8a:c8:ef:d0:e4:bc:6f:17:11:a9:ee:a8:
                    ab:57:42:55:b6:41:b4:32:9e:bb:a3:6a:2a:ef:69:
                    dc:28:db:e4:57:8c:d9:c3:db:50:d9:41:2c:cd:8f:
                    89:57:19:e0:b6:6f:70:3a:45:96:85:28:13:1e:68:
                    d9:57:a6:00:52:62:f8:41:d6:92:8b:a0:89:31:ff:
                    c9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                6F:1D:35:49:10:6C:32:FA:59:A0:9E:BC:8A:E8:1F:95:BE:71:7A:0C
            X509v3 Subject Key Identifier: 
                88:50:E2:77:99:12:AA:35:31:3E:20:4B:2A:8B:0E:C9:1F:AE:44:0E
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.79
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
            Authority Information Access: 
                CA Issuers - URI:http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
                OCSP - URI:http://GEANT.ocsp.sectigo.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr  3 08:07:37.980 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:89:A7:F8:83:AC:43:F5:ED:7D:59:57:
                                9D:65:A9:E0:3E:18:DA:BC:8F:A0:F7:AB:EB:E0:90:34:
                                C3:02:9B:E6:11:02:21:00:DE:35:CE:31:1C:2C:0E:1C:
                                CE:DC:F6:D2:5B:9F:44:F6:13:87:7E:9A:B0:8A:AC:37:
                                BA:36:B7:EF:D5:0D:FE:1C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr  3 08:07:37.948 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C5:29:6D:3C:AB:73:84:1D:4C:AD:DA:
                                7B:21:E4:3B:C3:96:7E:0E:35:0E:EF:8F:76:15:43:6E:
                                B3:30:98:3C:96:02:21:00:E4:50:0E:2A:7E:4F:96:9D:
                                E6:9D:1C:02:ED:B3:FC:18:C6:11:AF:7A:6D:20:16:0D:
                                04:AF:D5:CC:3D:AF:54:53
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr  3 08:07:37.947 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E6:D3:42:59:97:B9:57:A6:46:AD:5D:
                                99:F0:78:7F:5B:71:5E:DD:68:E0:16:5D:2C:94:17:29:
                                8C:93:86:1C:0A:02:21:00:AF:B6:69:AD:63:0F:E8:8E:
                                DB:CF:30:C5:C8:EE:4D:B0:20:30:30:E0:13:6A:07:61:
                                FC:2D:91:56:AE:09:75:A1
            X509v3 Subject Alternative Name: 
                DNS:bfa.gv.at, DNS:www.bfa.gv.at
    Signature Algorithm: sha384WithRSAEncryption
    Signature Value:
        60:80:a8:79:77:4c:7a:62:4c:cb:62:c2:bf:4d:7d:20:96:c1:
        cc:9c:20:e1:6b:f9:31:e8:66:10:96:43:64:92:09:aa:56:0d:
        51:f6:dc:ea:90:9d:da:1a:ed:05:3a:90:a5:29:fd:cd:0d:2b:
        c8:c8:5e:7e:fe:9c:d3:08:7b:e2:58:c8:45:29:d2:45:90:f6:
        19:60:66:d1:d6:8b:62:6f:e9:57:8e:53:a4:38:24:01:9c:27:
        aa:d1:68:9d:75:a4:a4:8d:c7:b6:ba:62:ca:e8:06:2e:aa:f2:
        ae:9e:d4:ba:f1:c1:5d:28:7b:c2:c3:4e:d5:8f:15:72:89:36:
        7f:d9:f9:32:bc:91:ad:e7:77:7d:fb:52:1a:a9:63:09:96:96:
        c8:d2:ec:57:e1:14:cb:4a:b3:65:f9:6f:fa:f2:ba:f3:b6:ac:
        40:8e:fb:1d:84:2d:d6:3c:07:df:c3:32:76:28:53:c1:70:f6:
        2a:fd:76:91:9e:63:5c:19:c3:6c:c4:98:c1:59:57:a9:d2:8f:
        89:4c:79:9f:fe:10:b6:50:6e:bc:6f:de:b7:43:18:3f:16:5d:
        f8:8c:3d:7d:2e:a6:a5:5c:6a:9a:63:d0:a1:c4:ba:0f:4b:a4:
        80:9f:2d:9f:c1:5a:a8:62:09:07:62:ee:f1:fc:8c:ba:1e:82:
        8a:a8:53:9d:ca:9d:53:86:8a:49:77:bf:77:93:89:b7:9e:34:
        25:dc:ce:d4:19:b1:1b:e5:4a:4d:3a:c9:77:d0:64:49:ac:87:
        84:32:d6:90:64:b9:95:d0:08:4d:42:8d:30:ac:94:35:7b:33:
        a2:d3:50:56:36:d8:3b:3b:f1:d3:69:c6:08:c9:9c:d2:ae:65:
        91:d0:f3:b6:24:d8:7b:ce:1d:13:97:32:97:16:42:2c:b5:c4:
        33:1d:12:ed:c9:3a:7e:d6:06:f9:df:de:64:6d:65:7f:41:2e:
        fa:ed:07:7f:9a:65:81:cf:5d:73:ea:8d:f2:47:21:1b:05:75:
        62:44:b1:28:d6:31:3a:42:d2:f7:a8:5b:82:80:63:89:c1:7f:
        d9:fb:b8:9d:f7:56:6f:d6:d7:f0:b3:92:5d:94:9a:27:56:db:
        95:08:be:6a:fc:2a:93:04:a0:de:88:af:c1:61:b2:50:92:0f:
        a9:fc:34:28:e4:dc:2a:cd:ae:ed:ca:54:35:c2:6c:97:7a:ef:
        77:b9:0f:da:b1:c6:66:97:c5:12:83:59:61:15:e9:1f:f9:ca:
        c0:f4:64:4c:f2:f5:06:9a:2a:40:f0:d5:db:69:42:1f:a6:90:
        a5:c8:26:a4:20:c4:bf:eb:30:50:89:a3:fa:e2:79:38:be:25:
        9b:b1:9e:cc:ae:c1:0b:90

Vulnerabilities

80.90.17.39

Last Seen: 2025-03-25

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-1308249831 | 2025-03-21T12:31:16.459490

Hashes

443 / tcp

1909824440 | 2025-03-25T02:07:19.349578

Hashes

Products

Pricing

Contact Us

80.90.17.39

Last Seen: 2025-03-25

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp -1308249831 | 2025-03-21T12:31:16.459490

Hashes

443 / tcp 1909824440 | 2025-03-25T02:07:19.349578

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-1308249831 | 2025-03-21T12:31:16.459490

443 / tcp

1909824440 | 2025-03-25T02:07:19.349578