GeneralInformation

Hostnames	peplink.com
Domains	peplink.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

JavaScript libraries

jQuery2.2.1

UI frameworks

Bootstrap3.3.6

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	6.1Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-8331	6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-11358	6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-20677	6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2015-9251	6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443 2082 2083 2086 2096 8080 8443 8880

1750935976 | 2024-04-22T06:14:09.704023

80 / tcp

HTTP/1.1 403 Forbidden
Date: Mon, 22 Apr 2024 06:14:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 878378d69cd306d4-AMS

685810163 | 2024-04-15T00:58:21.758375

443 / tcp

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 00:58:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 8747fc9ba80d15a4-SJC
CF-Cache-Status: DYNAMIC
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: accept-encoding
cf-apo-via: origin,host
pragma: no-cache
X-Content-Type-Options: nosniff
x-frame-options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8OwlZ2N%2BiXcfrohPR77iuV2J99zLH1cs14svs1CO4mwBNzSwuZavyUD1of4ImhisvzY31hwqsfwq9W8Rt8xjk5BhxTIQBlsf7eFly%2FufCWUL2%2Fb02ELgS56EbNHZ0W7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            de:13:84:25:71:71:64:e6:13:78:43:f0:8b:7e:16:fd
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: Apr  1 07:56:12 2024 GMT
            Not After : Jun 30 08:53:42 2024 GMT
        Subject: CN=peplink.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:c9:c1:30:a1:5b:61:37:5c:69:22:83:f3:e7:
                    14:9d:6e:2f:0c:2b:0a:bf:ba:04:1b:6c:68:97:83:
                    b3:2b:82:d1:59:6c:58:5a:22:86:a0:f9:42:32:81:
                    af:53:7d:d1:58:58:8c:d6:35:09:88:6a:a6:a7:e1:
                    03:72:04:58:d1:7f:1c:af:3d:2c:35:21:8b:24:c2:
                    6d:60:a6:5e:cd:e3:76:2e:b2:1a:c1:38:48:78:91:
                    24:8b:d5:80:53:22:32:9b:71:87:2b:04:a2:07:6b:
                    cc:20:75:84:a4:35:ad:90:72:32:76:18:07:ed:e2:
                    1a:15:8d:c9:f1:3f:c7:31:e3:29:87:3f:fe:bd:16:
                    e5:ec:3a:9a:52:36:88:f4:39:8b:72:60:00:48:65:
                    7b:9e:4a:e7:46:9d:20:e2:3f:95:64:13:4b:d1:c6:
                    16:21:23:5f:c3:0b:16:e8:0e:2b:97:10:96:f0:4c:
                    3c:81:8e:49:08:e7:45:1f:a3:af:db:3b:f5:bf:3b:
                    04:41:99:d4:70:09:08:9d:3c:57:f1:db:97:ec:0c:
                    5a:67:3d:4c:91:0e:5c:06:80:1d:c2:10:63:07:c8:
                    9f:70:7d:cf:e6:e9:61:63:7a:4b:59:98:bb:43:82:
                    1c:3c:e2:44:ba:57:ac:ab:fb:1a:94:34:f0:82:a9:
                    90:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:86:E5:46:AE:74:41:88:3D:5F:70:00:00:2F:02:4B:CE:3A:16:5D
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/jiDdiIF0ttU
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:peplink.com, DNS:*.peplink.com, DNS:*.forum.peplink.com, DNS:*.dev.forum.peplink.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/nEDi5TzHo5Q.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr  1 08:56:12.569 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:54:DB:0E:1B:B2:D3:46:40:54:A3:3D:75:
                                11:9F:20:AA:B8:A9:D3:F9:EC:C9:C5:04:AB:90:57:CF:
                                BA:91:DB:74:02:20:5D:C7:25:DC:47:9A:DC:87:B0:A1:
                                AE:4E:64:5A:63:4A:F5:73:43:44:62:FD:1B:69:EF:2A:
                                55:D1:34:F4:9E:AA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Apr  1 08:56:12.559 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D8:D8:97:B0:FD:8D:A2:32:8C:E9:0A:
                                C3:A3:8D:45:58:99:71:E2:62:07:E9:F0:A2:FE:86:3E:
                                E1:72:EA:F0:37:02:21:00:A8:7D:83:6B:DF:5F:DD:85:
                                86:15:B1:A1:10:99:75:6D:10:03:41:7B:E8:2D:F9:71:
                                6A:F1:3B:49:89:74:4B:BF
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8c:86:f3:87:e1:61:78:bf:b7:a5:ec:0a:63:a1:7a:d4:2b:8f:
        4c:85:d9:3b:80:ed:c8:1a:14:a6:e5:e8:82:bb:14:fd:67:ad:
        18:49:16:ff:45:9c:4c:18:32:1a:e4:4c:2f:dc:22:4f:74:8a:
        61:bb:92:6e:5a:1d:b6:a0:5c:7e:55:19:b3:79:78:10:fe:ed:
        60:86:f5:74:79:f5:e4:45:ee:68:b8:da:aa:7b:93:aa:a5:c3:
        e7:ef:e5:9e:7f:c7:f6:7f:b7:da:d4:c8:39:99:23:b2:45:d1:
        a5:63:68:18:27:1f:0b:9f:0f:f7:46:1a:53:b1:fb:fb:77:73:
        c2:59:ce:b0:31:77:59:71:29:c0:f0:c1:93:0b:d6:cd:fd:9f:
        8e:3e:54:95:8e:97:dd:37:24:36:27:ca:7d:b4:e4:be:31:99:
        e8:f0:91:7b:d1:78:4f:a9:4d:cb:36:49:a8:66:67:b1:19:65:
        e9:c4:e6:53:1c:04:c2:f3:bf:db:1d:73:e8:ba:10:f2:1f:45:
        3b:b4:2c:1e:80:c8:c2:12:49:76:a5:ba:5a:b2:35:f2:05:58:
        e8:b5:e0:f2:49:8d:4c:81:b5:e3:dd:82:ba:ef:87:b9:f7:38:
        4b:b7:cf:26:ce:74:6d:ad:d8:0a:e2:9b:11:04:49:92:10:37:
        2a:8a:d8:96

-82418675 | 2024-04-17T15:22:47.783390

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 17 Apr 2024 15:22:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 875d69a06aab1025-LAX

141477257 | 2024-04-23T04:34:19.668647

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 23 Apr 2024 04:34:19 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

1407318379 | 2024-03-27T23:26:44.466675

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 27 Mar 2024 23:26:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86b325a7ed65b725-AMS

141477257 | 2024-04-10T01:56:42.557706

2096 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 10 Apr 2024 01:56:42 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-2026792679 | 2024-04-23T08:01:42.332796

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 08:01:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 878c53bf8f8aeab0-DFW

141477257 | 2024-04-24T18:53:17.363078

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 24 Apr 2024 18:53:17 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1388452535 | 2024-04-16T22:56:15.052658

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 16 Apr 2024 22:56:15 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8757c47e0e840e50-AMS

error code: 1003

104.25.204.4

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1750935976 | 2024-04-22T06:14:09.704023
80 / tcp

CloudFlare

685810163 | 2024-04-15T00:58:21.758375
443 / tcp

-82418675 | 2024-04-17T15:22:47.783390
2082 / tcp

141477257 | 2024-04-23T04:34:19.668647
2083 / tcp

1407318379 | 2024-03-27T23:26:44.466675
2086 / tcp

141477257 | 2024-04-10T01:56:42.557706
2096 / tcp

-2026792679 | 2024-04-23T08:01:42.332796
8080 / tcp

CloudFlare

141477257 | 2024-04-24T18:53:17.363078
8443 / tcp

CloudFlare

-1388452535 | 2024-04-16T22:56:15.052658
8880 / tcp

Products

Pricing

Contact Us

104.25.204.4

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1750935976 | 2024-04-22T06:14:09.704023 80 / tcp

CloudFlare

685810163 | 2024-04-15T00:58:21.758375 443 / tcp

-82418675 | 2024-04-17T15:22:47.783390 2082 / tcp

141477257 | 2024-04-23T04:34:19.668647 2083 / tcp

1407318379 | 2024-03-27T23:26:44.466675 2086 / tcp

141477257 | 2024-04-10T01:56:42.557706 2096 / tcp

-2026792679 | 2024-04-23T08:01:42.332796 8080 / tcp

CloudFlare

141477257 | 2024-04-24T18:53:17.363078 8443 / tcp

CloudFlare

-1388452535 | 2024-04-16T22:56:15.052658 8880 / tcp

Products

Pricing

Contact Us

1750935976 | 2024-04-22T06:14:09.704023
80 / tcp

685810163 | 2024-04-15T00:58:21.758375
443 / tcp

-82418675 | 2024-04-17T15:22:47.783390
2082 / tcp

141477257 | 2024-04-23T04:34:19.668647
2083 / tcp

1407318379 | 2024-03-27T23:26:44.466675
2086 / tcp

141477257 | 2024-04-10T01:56:42.557706
2096 / tcp

-2026792679 | 2024-04-23T08:01:42.332796
8080 / tcp

141477257 | 2024-04-24T18:53:17.363078
8443 / tcp

-1388452535 | 2024-04-16T22:56:15.052658
8880 / tcp