Hostnames |
edx.org business.edx.org |
Domains | edx.org |
Country | United States |
City | San Francisco |
Organization | Cloudflare, Inc. |
ISP | Cloudflare, Inc. |
ASN | AS13335 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2020-23064 | Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element. |
CVE-2020-11023 | 4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. |
CVE-2020-11022 | 4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. |
CVE-2019-11358 | 4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. |
577526517 | 2024-05-02T18:54:03.56999080 / tcp
HTTP/1.1 409 Conflict Date: Thu, 02 May 2024 18:54:03 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 6171 Connection: close X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 87da37b84a200a6d-AMS
15099091 | 2024-05-02T19:54:47.878505443 / tcp
HTTP/1.1 200 OK Date: Thu, 02 May 2024 19:54:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header. x-powered-by: WordPress VIP <https://wpvip.com> host-header: a9130478a60e5f9135f765b23f26593b link: <https://business.edx.org/wp-json/>; rel="https://api.w.org/" link: <https://business.edx.org/wp-json/wp/v2/pages/172>; rel="alternate"; type="application/json" link: <https://business.edx.org/>; rel=shortlink x-rq: sjc2 123 242 443 Cache-Control: max-age=300, must-revalidate Age: 0 x-cache: miss vary: Accept-Encoding CF-Cache-Status: DYNAMIC Strict-Transport-Security: max-age=2592000 Server: cloudflare CF-RAY: 87da90aabb01ce48-SJC
Certificate: Data: Version: 3 (0x2) Serial Number: 0d:d0:38:a1:e5:38:d3:ec:c3:a2:a2:c3:89:86:3d:2e Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 Validity Not Before: Sep 26 00:00:00 2023 GMT Not After : Sep 24 23:59:59 2024 GMT Subject: C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=business.edx.org Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:62:e4:b5:90:e2:7e:81:ae:cc:93:7c:52:18:63: ee:94:39:47:d9:8d:88:9a:b9:f7:53:b0:3d:e8:1c: 90:66:33:23:60:27:48:c5:09:a4:e1:d1:8b:00:f9: 9d:b0:5e:d6:40:4d:4c:02:2b:ef:00:5e:a8:8a:c5: e4:ec:80:04:ba ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Authority Key Identifier: A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F X509v3 Subject Key Identifier: 26:9E:C0:D9:2E:6B:9A:BD:91:79:AD:15:FA:A5:2B:74:66:A5:92:36 X509v3 Subject Alternative Name: DNS:business.edx.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.2 CPS: http://www.digicert.com/CPS X509v3 Key Usage: critical Digital Signature, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/CloudflareIncECCCA-3.crl Full Name: URI:http://crl4.digicert.com/CloudflareIncECCCA-3.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/CloudflareIncECCCA-3.crt X509v3 Basic Constraints: critical CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Sep 26 16:09:50.837 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:71:2C:FA:D5:65:A6:9A:29:36:2B:32:75: 09:BF:70:0D:32:CD:06:3D:BD:F2:B8:C0:FF:43:77:BA: 9C:BC:9F:FB:02:20:28:9E:6B:CE:55:B6:6A:21:D7:07: 68:4B:71:28:33:E2:D9:6C:9B:AA:1D:3E:A2:01:28:1F: 08:1A:B0:CE:D5:B5 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Sep 26 16:09:50.782 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:F6:D4:66:0B:9B:1E:88:37:C7:77:D5: FE:2C:58:0C:A3:7C:1A:57:3E:B5:AA:BC:AB:3F:86:EF: 09:D8:AF:9F:34:02:20:12:22:24:4C:C9:57:98:D3:2F: 32:85:1B:0C:D9:42:9D:27:E6:00:18:C9:3D:31:0A:FB: B5:C4:C4:DA:67:CC:4F Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Sep 26 16:09:50.741 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:4F:57:48:E0:89:09:21:34:EE:3D:B2:64: DC:E1:4F:D0:52:EC:84:F9:B4:08:94:CC:1A:CB:2B:6F: 8D:8A:E2:51:02:21:00:FB:4A:AD:EF:39:03:BB:22:FD: 99:E9:1B:EA:3F:E0:33:69:84:5F:B9:43:77:A3:EA:53: BA:EC:E1:9B:4A:1E:BE Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:3e:a5:5d:a9:8d:97:94:2c:bc:4e:22:90:a8:a6: 30:2c:c5:93:d0:e5:33:53:74:0a:58:34:b9:bc:a0:82:ba:e8: 02:21:00:8d:09:35:b0:b0:e5:e3:5b:51:79:25:9c:bc:86:8b: 74:01:76:9b:51:16:86:1b:80:30:38:4c:c2:ea:a7:df:ae
-1474091023 | 2024-04-25T23:58:33.4569422082 / tcp
HTTP/1.1 403 Forbidden Date: Thu, 25 Apr 2024 23:58:33 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 5894 Connection: close X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 87a248230b29b930-AMS
1471629837 | 2024-04-08T19:38:59.9837052083 / tcp
HTTP/1.1 403 Forbidden Server: cloudflare Date: Mon, 08 Apr 2024 19:38:59 GMT Content-Type: text/html Content-Length: 553 Connection: keep-alive CF-RAY: 8714b88cd9db4636-DFW
Certificate: Data: Version: 3 (0x2) Serial Number: 09:d2:16:68:26:26:3f:2e:f8:7d:a2:b4:60:b2:f5:c5 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 Validity Not Before: Mar 18 00:00:00 2024 GMT Not After : Dec 31 23:59:59 2024 GMT Subject: C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=edx.org Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:c8:50:ae:57:4c:e7:bc:e0:7f:d2:6f:39:54:66: 33:0f:a7:f9:0c:4d:46:b2:fa:bd:29:ee:18:51:40: 77:20:93:bd:06:b6:78:e2:c3:be:49:b3:88:47:83: 92:71:c2:da:bf:7f:00:80:e1:45:67:06:4b:d0:b3: eb:4d:81:48:6b ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Authority Key Identifier: A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F X509v3 Subject Key Identifier: CC:31:99:58:56:24:FB:8F:93:9D:E3:00:FE:C9:E4:21:6C:15:22:30 X509v3 Subject Alternative Name: DNS:*.internal.edx.org, DNS:*.external.edx.org, DNS:*.stage.edx.org, DNS:*.it.edx.org, DNS:*.edge.edx.org, DNS:*.edx.org, DNS:*.sandbox.edx.org, DNS:edx.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.2 CPS: http://www.digicert.com/CPS X509v3 Key Usage: critical Digital Signature, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/CloudflareIncECCCA-3.crl Full Name: URI:http://crl4.digicert.com/CloudflareIncECCCA-3.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/CloudflareIncECCCA-3.crt X509v3 Basic Constraints: critical CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Mar 18 09:53:27.560 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:FB:2D:36:F3:4A:75:80:51:B0:DB:BD: 63:38:38:4D:BB:5C:3A:CA:3D:A9:EF:D9:34:84:F7:81: 26:04:CB:66:6C:02:21:00:81:BD:7A:3D:63:0C:CB:59: B5:92:04:DA:B0:81:84:05:98:1E:88:41:51:E3:62:1D: 99:65:62:23:A7:E8:2D:00 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Mar 18 09:53:27.643 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:66:6C:08:85:77:06:65:E8:77:A8:AA:84: 88:A6:FF:85:05:06:8C:79:E1:F1:81:3E:8B:47:CD:77: FE:A1:D2:8C:02:21:00:E7:41:D3:9D:A4:B6:EE:C6:13: 53:85:08:21:BA:68:D4:64:7A:FD:D7:B9:90:28:E0:7E: E7:04:35:BD:7F:47:03 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Mar 18 09:53:27.653 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:C8:15:0B:EA:DA:FD:59:D5:F8:FD:93: CB:96:7A:45:FB:E2:12:9A:0B:BB:6B:57:1F:3B:39:50: 21:FA:B3:B0:06:02:20:03:87:27:B6:A9:8F:F5:6A:1D: 88:B6:7D:0F:4A:CD:C6:DD:5C:5C:01:4E:36:B5:86:C2: 73:3F:7F:C7:7D:5F:7A Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:de:16:aa:4f:79:9c:7e:b6:f2:4c:2d:e4:0b: 9b:16:2a:4e:48:43:f4:4a:f9:56:57:20:e1:e4:3b:b5:10:19: a6:02:21:00:e5:c7:66:6d:15:b6:1c:37:a9:87:57:be:8c:11: 64:f7:8a:12:f5:d7:51:d2:df:38:6d:56:22:ea:39:6b:4c:e3
1358230715 | 2024-04-05T00:53:37.6747562086 / tcp
HTTP/1.1 403 Forbidden Date: Fri, 05 Apr 2024 00:53:37 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 5895 Connection: close X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 86f58fed8cde5341-DEN
763140713 | 2024-04-24T01:24:43.6484832087 / tcp
HTTP/1.1 400 Bad Request Server: cloudflare Date: Wed, 24 Apr 2024 01:24:31 GMT Content-Type: text/html Content-Length: 155 Connection: close CF-RAY: - <html> <head><title>400 Bad Request</title></head> <body> <center><h1>400 Bad Request</h1></center> <hr><center>cloudflare</center> </body> </html>
141477257 | 2024-04-05T16:19:35.5132602096 / tcp
HTTP/1.1 400 Bad Request Server: cloudflare Date: Fri, 05 Apr 2024 16:19:35 GMT Content-Type: text/html Content-Length: 655 Connection: close CF-RAY: -
1471629837 | 2024-04-25T12:38:44.3656968443 / tcp
HTTP/1.1 403 Forbidden Server: cloudflare Date: Thu, 25 Apr 2024 12:38:31 GMT Content-Type: text/html Content-Length: 553 Connection: keep-alive CF-RAY: 879e63fdfd606c57-DFW
Certificate: Data: Version: 3 (0x2) Serial Number: 09:d2:16:68:26:26:3f:2e:f8:7d:a2:b4:60:b2:f5:c5 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 Validity Not Before: Mar 18 00:00:00 2024 GMT Not After : Dec 31 23:59:59 2024 GMT Subject: C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=edx.org Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:c8:50:ae:57:4c:e7:bc:e0:7f:d2:6f:39:54:66: 33:0f:a7:f9:0c:4d:46:b2:fa:bd:29:ee:18:51:40: 77:20:93:bd:06:b6:78:e2:c3:be:49:b3:88:47:83: 92:71:c2:da:bf:7f:00:80:e1:45:67:06:4b:d0:b3: eb:4d:81:48:6b ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Authority Key Identifier: A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F X509v3 Subject Key Identifier: CC:31:99:58:56:24:FB:8F:93:9D:E3:00:FE:C9:E4:21:6C:15:22:30 X509v3 Subject Alternative Name: DNS:*.internal.edx.org, DNS:*.external.edx.org, DNS:*.stage.edx.org, DNS:*.it.edx.org, DNS:*.edge.edx.org, DNS:*.edx.org, DNS:*.sandbox.edx.org, DNS:edx.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.2 CPS: http://www.digicert.com/CPS X509v3 Key Usage: critical Digital Signature, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/CloudflareIncECCCA-3.crl Full Name: URI:http://crl4.digicert.com/CloudflareIncECCCA-3.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/CloudflareIncECCCA-3.crt X509v3 Basic Constraints: critical CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Mar 18 09:53:27.560 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:FB:2D:36:F3:4A:75:80:51:B0:DB:BD: 63:38:38:4D:BB:5C:3A:CA:3D:A9:EF:D9:34:84:F7:81: 26:04:CB:66:6C:02:21:00:81:BD:7A:3D:63:0C:CB:59: B5:92:04:DA:B0:81:84:05:98:1E:88:41:51:E3:62:1D: 99:65:62:23:A7:E8:2D:00 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Mar 18 09:53:27.643 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:66:6C:08:85:77:06:65:E8:77:A8:AA:84: 88:A6:FF:85:05:06:8C:79:E1:F1:81:3E:8B:47:CD:77: FE:A1:D2:8C:02:21:00:E7:41:D3:9D:A4:B6:EE:C6:13: 53:85:08:21:BA:68:D4:64:7A:FD:D7:B9:90:28:E0:7E: E7:04:35:BD:7F:47:03 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Mar 18 09:53:27.653 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:C8:15:0B:EA:DA:FD:59:D5:F8:FD:93: CB:96:7A:45:FB:E2:12:9A:0B:BB:6B:57:1F:3B:39:50: 21:FA:B3:B0:06:02:20:03:87:27:B6:A9:8F:F5:6A:1D: 88:B6:7D:0F:4A:CD:C6:DD:5C:5C:01:4E:36:B5:86:C2: 73:3F:7F:C7:7D:5F:7A Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:de:16:aa:4f:79:9c:7e:b6:f2:4c:2d:e4:0b: 9b:16:2a:4e:48:43:f4:4a:f9:56:57:20:e1:e4:3b:b5:10:19: a6:02:21:00:e5:c7:66:6d:15:b6:1c:37:a9:87:57:be:8c:11: 64:f7:8a:12:f5:d7:51:d2:df:38:6d:56:22:ea:39:6b:4c:e3
593390501 | 2024-05-02T05:26:53.3651998880 / tcp
HTTP/1.1 403 Forbidden Date: Thu, 02 May 2024 05:26:53 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 16 Connection: close X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Server: cloudflare CF-RAY: 87d599577b31a000-AMS error code: 1003