GeneralInformation

Hostnames	alefsafar.com www.alefsafar.com amdadatmedical.com www.amdadatmedical.com arkatajheezparsian.com www.arkatajheezparsian.com banxmex.com www.banxmex.com bassxrab.com www.bassxrab.com danatajhizsalamat.com www.danatajhizsalamat.com dbsco.pl www.dbsco.pl dpteb.com www.dpteb.com hastitebmehregan.com www.hastitebmehregan.com helmaco.com www.helmaco.com holdingdamac.com www.holdingdamac.com jazerramedical.com www.jazerramedical.com payazma.com www.payazma.com ip87-106-121-21.pbiaas.com radantejarateram.com www.radantejarateram.com tebgostarainaz.com www.tebgostarainaz.com tolousalamat.com www.tolousalamat.com
Domains	alefsafar.com amdadatmedical.com arkatajheezparsian.com banxmex.com bassxrab.com danatajhizsalamat.com dbsco.pl dpteb.com hastitebmehregan.com helmaco.com holdingdamac.com jazerramedical.com payazma.com pbiaas.com radantejarateram.com tebgostarainaz.com tolousalamat.com
Country	France
City	Meudon
Organization	IONOS SE
ISP	IONOS SE
ASN	AS8560
Operating System	Linux

WebTechnologies

Blogs

WordPress

CMS

WordPress

Databases

MySQL

Ecommerce

WooCommerce7.9.0

Abicart

MailChimp

Form builders

Contact Form 75.7.7

JavaScript libraries

jQuery

jQuery Migrate3.4.0

bxSlider6.2.6

Maps

Google Maps

Marketing automation

MailChimp for WordPress4.8.7

MailChimp

Photo galleries

Slider Revolution6.5.4

bxSlider6.2.6

Programming languages

PHP

UI frameworks

Bootstrap

Widgets

Slider Revolution6.5.4

WordPress plugins

WooCommerce7.9.0

Contact Form 75.7.7

MailChimp for WordPress4.8.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-9944

5.3The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. This is due to the plugin not properly neutralizing HTML elements from submitted order forms. This makes it possible for unauthenticated attackers to inject arbitrary HTML that will render when the administrator views order form submissions.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

2023(1)

CVE-2023-52222

4.3Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.

2022(1)

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

22 80 443

22 / tcp

2086538957 | 2025-04-01T11:20:02.701214

SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u5
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGdC0DJt3TMQxn7OY4cEZifX
qzmlIErUA5MEaZIexhc4bhCqTw72lfM/jYYWngmRt6rLvBJUAb1XFSJ9En6zaws=
Fingerprint: fc:af:b9:b4:27:23:45:5e:0f:a7:ac:29:fb:86:6b:c7

Kex Algorithms:
	sntrup761x25519-sha512
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

1637199859 | 2025-03-14T19:29:03.022313

Hashes

hash

-1375898116

http.dom_hash

-2049760045

http.html_hash

1637199859

http.server_hash

1727046647

http.title_hash

911614014

Welcome to nginx!

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 14 Mar 2025 19:29:02 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 29 Nov 2024 16:31:47 GMT
Connection: keep-alive
ETag: "6749ec73-267"
Accept-Ranges: bytes

443 / tcp

-921329287 | 2025-04-01T11:09:23.918556

Hashes

hash

-832271868

http.dom_hash

-24237852

http.favicon.hash

-759997889

http.html_hash

-921329287

http.server_hash

-1340961475

الف سفر - اخذ ۰ تا ۱۰۰ ویزا و وقت سفارت

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 01 Apr 2025 11:09:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
Set-Cookie: PHPSESSID=7ea49437753ed9b6fcad60353802518e; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pingback: https://alefsafar.com/xmlrpc.php
Link: <https://alefsafar.com/wp-json/>; rel="https://api.w.org/"
Link: <https://alefsafar.com/wp-json/wp/v2/pages/785>; rel="alternate"; type="application/json"
Link: <https://alefsafar.com/>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:af:ac:38:cb:a8:3b:1a:7a:64:47:6b:a6:23:c4:40:e8:c1
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E6
        Validity
            Not Before: Mar 30 18:06:00 2025 GMT
            Not After : Jun 28 18:05:59 2025 GMT
        Subject: CN=alefsafar.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:6c:f1:df:db:32:ab:39:91:f3:80:a8:79:1f:7d:
                    c8:fd:ac:9b:5e:94:f1:7a:4a:58:24:02:ed:2d:a3:
                    12:12:c5:61:72:82:54:38:d3:e3:56:84:f6:46:45:
                    02:8d:c3:6b:70:23:81:8d:99:93:3b:00:bd:f4:3d:
                    ac:fa:ff:c5:08
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                29:31:1D:89:80:40:6F:71:3B:A2:DA:42:86:06:E9:D9:42:55:B4:0F
            X509v3 Authority Key Identifier: 
                93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
            Authority Information Access: 
                OCSP - URI:http://e6.o.lencr.org
                CA Issuers - URI:http://e6.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:alefsafar.com, DNS:amdadatmedical.com, DNS:arkatajheezparsian.com, DNS:banxmex.com, DNS:bassxrab.com, DNS:danatajhizsalamat.com, DNS:dbsco.pl, DNS:dpteb.com, DNS:hastitebmehregan.com, DNS:helmaco.com, DNS:holdingdamac.com, DNS:jazerramedical.com, DNS:payazma.com, DNS:radantejarateram.com, DNS:tebgostarainaz.com, DNS:tolousalamat.com, DNS:www.alefsafar.com, DNS:www.amdadatmedical.com, DNS:www.arkatajheezparsian.com, DNS:www.banxmex.com, DNS:www.bassxrab.com, DNS:www.danatajhizsalamat.com, DNS:www.dbsco.pl, DNS:www.dpteb.com, DNS:www.hastitebmehregan.com, DNS:www.helmaco.com, DNS:www.holdingdamac.com, DNS:www.jazerramedical.com, DNS:www.payazma.com, DNS:www.radantejarateram.com, DNS:www.tebgostarainaz.com, DNS:www.tolousalamat.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://e6.c.lencr.org/66.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 30 19:04:30.318 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A0:98:9E:E5:2C:47:D1:5F:B7:5D:9B:
                                3B:E9:62:20:68:79:8E:20:D3:C3:C2:1F:EE:CB:13:D0:
                                6A:05:EA:BD:03:02:20:21:B4:EE:D1:70:1F:1B:4A:61:
                                41:4F:E1:AF:7A:47:F3:3E:FF:8A:0B:84:E9:5F:F9:C8:
                                22:6B:FE:92:26:EB:E6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Mar 30 19:04:32.358 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:46:59:7F:B9:78:19:5E:43:A4:C2:91:9D:
                                07:D8:BC:FE:DA:3A:F8:41:A3:7C:A8:EC:87:15:FA:39:
                                6B:BE:40:FF:02:20:7A:84:8C:E4:6E:F9:E7:23:39:2F:
                                A9:21:F9:0C:DB:63:E2:98:D7:1A:C2:69:FC:C9:EA:5D:
                                B7:69:DB:CE:F9:9F
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:30:3a:4a:44:2b:74:7a:4c:58:af:89:ac:50:c3:de:
        e2:11:36:49:6a:12:ee:fd:99:66:c6:23:f7:84:77:86:14:b4:
        fd:e5:41:23:f3:72:70:d2:62:32:ba:94:82:7b:02:1f:02:31:
        00:af:b1:ca:bb:07:f3:4e:3f:2c:ca:41:c5:79:eb:f2:03:37:
        55:4b:5a:54:34:a9:b1:d6:a5:8d:7e:fc:07:cf:96:24:77:c6:
        90:ae:a0:0f:9d:c3:3a:1c:a4:73:d1:2b:15

Vulnerabilities

1 6

87.106.121.21

Last Seen: 2025-04-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

2086538957 | 2025-04-01T11:20:02.701214

OpenSSH9.2p1 Debian 2+deb12u5

80 / tcp

1637199859 | 2025-03-14T19:29:03.022313

Hashes

nginx1.22.1

443 / tcp

-921329287 | 2025-04-01T11:09:23.918556

Hashes

nginx

Products

Pricing

Contact Us

87.106.121.21

Last Seen: 2025-04-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

22 / tcp 2086538957 | 2025-04-01T11:20:02.701214

OpenSSH9.2p1 Debian 2+deb12u5

80 / tcp 1637199859 | 2025-03-14T19:29:03.022313

Hashes

nginx1.22.1

443 / tcp -921329287 | 2025-04-01T11:09:23.918556

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

2086538957 | 2025-04-01T11:20:02.701214

80 / tcp

1637199859 | 2025-03-14T19:29:03.022313

443 / tcp

-921329287 | 2025-04-01T11:09:23.918556