GeneralInformation

Hostnames	cbcdesigncentre.com.au
Domains	cbcdesigncentre.com.au
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

Authentication

JavaScript libraries

Security

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

80 443 2082 2086 2087 8080 8443 8880

428996521 | 2024-05-12T22:47:54.663494

80 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 12 May 2024 22:47:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 882df3797e662ccd-DFW

516139112 | 2024-05-16T13:53:32.102711

443 / tcp

HTTP/1.1 200 OK
Date: Thu, 16 May 2024 13:53:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 16 May 2024 13:53:02 GMT
Cache-Control: private
Set-Cookie: PHPSESSID=aeuunmmv0pav0iqklgnuv0g570; path=/
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=MHrQ5OGgMZASS.jbSvlSnF2MF1T8vIihVf7pt_4MPlA-1715867611-1.0.1.1-xbF83BRpEmiqFzEYv.2tW1zGAK6yvdMZrXUlQKouzzub0P1sUJMspuhxkAO4d2WgiJO1MKZr2jPiwkBoIXjPIQ; path=/; expires=Thu, 16-May-24 14:23:31 GMT; domain=.cbcdesigncentre.com.au; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 884bdaba190596ad-SJC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:1b:e5:d7:6d:0d:7a:27:d9:ce:a7:8c:be:3c:c6:0d:45:30
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E1
        Validity
            Not Before: Apr 20 02:09:00 2024 GMT
            Not After : Jul 19 02:08:59 2024 GMT
        Subject: CN=cbcdesigncentre.com.au
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:2f:15:ba:32:99:c0:a9:ab:c4:a4:f8:30:0f:96:
                    28:a4:b1:58:bf:fe:c0:03:ed:ab:2e:5d:15:3f:19:
                    b2:92:82:ea:e3:8d:65:1e:a9:22:fe:b8:9f:cf:74:
                    a7:59:32:89:45:ae:b9:d2:a2:26:f9:80:8c:47:31:
                    1c:b1:f8:e7:27
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9D:A0:6F:D4:0D:FD:53:CC:56:27:BB:D3:82:04:27:64:44:D8:48:43
            X509v3 Authority Key Identifier: 
                5A:F3:ED:2B:FC:36:C2:37:79:B9:52:30:EA:54:6F:CF:55:CB:2E:AC
            Authority Information Access: 
                OCSP - URI:http://e1.o.lencr.org
                CA Issuers - URI:http://e1.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.cbcdesigncentre.com.au, DNS:cbcdesigncentre.com.au
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 20 03:09:01.016 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B8:21:57:32:70:82:33:D5:FE:E5:9E:
                                15:63:8A:EF:EC:48:A9:A9:E2:30:C9:71:EF:87:DB:61:
                                A0:55:38:52:7E:02:20:6A:B2:28:CA:07:E0:5D:63:A5:
                                70:5F:41:9A:E4:FF:AE:34:9D:F8:EC:A3:B6:80:FA:1B:
                                C0:38:38:86:99:A0:5E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 20 03:09:01.014 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E0:46:0F:E4:C4:4D:4C:EF:EA:13:80:
                                63:25:D4:B6:99:57:81:49:2E:C1:C9:B0:27:54:75:5C:
                                4C:E9:4C:E9:F1:02:21:00:D0:F6:2A:EE:3B:03:EB:F9:
                                51:DB:4D:33:96:63:B2:9F:06:9E:98:BF:E6:8C:5A:AC:
                                BF:C4:B2:2F:80:55:0F:82
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:30:69:28:2e:4b:23:33:d2:36:ad:b9:98:a3:4f:d8:
        f9:0b:39:44:fc:42:20:22:99:dd:7f:2c:ff:c6:a8:e5:ca:70:
        38:a8:f0:5c:1b:f2:bc:23:1a:91:28:0c:40:bf:f1:ff:02:31:
        00:dc:90:72:f1:6d:7e:5f:85:51:34:6d:d1:f0:3e:c3:2c:ea:
        92:97:b6:64:24:94:68:83:71:13:0b:fa:47:3f:29:79:78:0e:
        e4:d1:c6:06:aa:1c:d3:75:b7:f8:4a:c8:e8

21507603 | 2024-05-07T23:31:53.751765

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 07 May 2024 23:31:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88050194ea5046e3-DFW

-1095356479 | 2024-05-08T04:53:23.740690

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 04:53:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8806d88648a80fd0-LAX

141477257 | 2024-05-17T15:14:59.540309

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 17 May 2024 15:14:54 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

911046921 | 2024-05-16T23:10:22.297985

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Thu, 16 May 2024 23:10:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 884f0a6d4e465b12-VIE

141477257 | 2024-05-05T23:56:34.093168

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 05 May 2024 23:56:34 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

374723566 | 2024-05-15T07:20:06.842546

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 15 May 2024 07:20:06 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 88415d12b9737b16-DEN

error code: 1003

104.18.35.54

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

428996521 | 2024-05-12T22:47:54.663494
80 / tcp

CloudFlare

516139112 | 2024-05-16T13:53:32.102711
443 / tcp

21507603 | 2024-05-07T23:31:53.751765
2082 / tcp

-1095356479 | 2024-05-08T04:53:23.740690
2086 / tcp

141477257 | 2024-05-17T15:14:59.540309
2087 / tcp

911046921 | 2024-05-16T23:10:22.297985
8080 / tcp

CloudFlare

141477257 | 2024-05-05T23:56:34.093168
8443 / tcp

CloudFlare

374723566 | 2024-05-15T07:20:06.842546
8880 / tcp

Products

Pricing

Contact Us

104.18.35.54

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

428996521 | 2024-05-12T22:47:54.663494 80 / tcp

CloudFlare

516139112 | 2024-05-16T13:53:32.102711 443 / tcp

21507603 | 2024-05-07T23:31:53.751765 2082 / tcp

-1095356479 | 2024-05-08T04:53:23.740690 2086 / tcp

141477257 | 2024-05-17T15:14:59.540309 2087 / tcp

911046921 | 2024-05-16T23:10:22.297985 8080 / tcp

CloudFlare

141477257 | 2024-05-05T23:56:34.093168 8443 / tcp

CloudFlare

374723566 | 2024-05-15T07:20:06.842546 8880 / tcp

Products

Pricing

Contact Us

428996521 | 2024-05-12T22:47:54.663494
80 / tcp

516139112 | 2024-05-16T13:53:32.102711
443 / tcp

21507603 | 2024-05-07T23:31:53.751765
2082 / tcp

-1095356479 | 2024-05-08T04:53:23.740690
2086 / tcp

141477257 | 2024-05-17T15:14:59.540309
2087 / tcp

911046921 | 2024-05-16T23:10:22.297985
8080 / tcp

141477257 | 2024-05-05T23:56:34.093168
8443 / tcp

374723566 | 2024-05-15T07:20:06.842546
8880 / tcp