GeneralInformation

Hostnames	trustamerigasrebate.com
Domains	trustamerigasrebate.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

JavaScript libraries

Miscellaneous

Web frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2014-6071	4.3jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

80 443 2052 2082 2083 2086 2087 8080 8443 8880

853123361 | 2024-05-03T21:16:27.681901

80 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 03 May 2024 21:16:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e345b0fdaa96f1-AMS

1754976033 | 2024-05-12T00:37:42.027892

443 / tcp

HTTP/1.1 200 OK
Date: Sun, 12 May 2024 00:37:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ivvo3hqcjyh4sjmbjx5s4iv2; path=/; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7Pyfm7BL7udxCsjmzr%2FzHGhipEYPIV9JzfKA8pfCAt0o1apzsSHsJCtBN3208GPFfq5s%2Bfai7uSU5iKVdv%2F8az9%2Bg7OUeRl7kRMOXWC2n%2F%2FCvXibpcJJI3jo61rBG30korQwo7kg8lbwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 882657774c9d9452-SJC
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:20:ef:c0:d3:d8:b5:d0:0e:b3:61:55:4c:31:ef:03
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: May  9 03:48:44 2024 GMT
            Not After : Aug  7 03:48:43 2024 GMT
        Subject: CN=trustamerigasrebate.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:ff:ea:be:6e:e4:78:44:78:08:97:f7:6e:11:
                    06:86:9f:31:21:77:2c:4b:a9:b0:11:fb:f9:62:64:
                    22:9d:a6:d1:65:9c:20:1c:66:ee:45:1e:98:f8:f5:
                    e0:11:31:4b:e9:2b:68:c6:e9:8a:8b:f7:94:ac:9d:
                    cd:f7:61:42:f9:3f:9f:a5:19:58:51:b9:50:22:6b:
                    ba:f0:0e:33:7c:b6:86:95:5b:a6:74:13:0b:96:83:
                    6f:8a:68:31:5b:d7:39:9d:3b:4b:d2:5e:3b:40:5e:
                    44:f8:95:46:d5:f3:d5:b1:d5:da:2d:33:2c:8a:d3:
                    d7:12:f5:03:ee:f9:1d:d0:4e:57:9d:6e:ef:8a:36:
                    8e:f5:1e:b9:82:2e:7e:b5:2a:85:bf:93:9a:6c:4d:
                    01:fa:2f:3b:4f:20:e7:32:43:32:57:da:d4:1a:73:
                    1a:8f:34:44:7c:f2:ce:6b:c3:18:98:62:54:9b:d2:
                    f2:dc:88:80:fa:3c:cc:ee:3c:61:d4:89:6b:3c:d5:
                    3f:e6:2b:d8:bd:a0:a0:47:ad:62:1c:8e:f7:03:e1:
                    5b:d7:08:5b:5b:09:78:bf:b2:d3:2b:72:c5:cf:d2:
                    82:5c:91:2d:24:89:c5:5b:85:38:58:b6:b8:2e:cb:
                    79:14:42:c9:57:5e:19:4b:07:df:3d:a9:cb:aa:67:
                    41:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B5:5C:E2:57:8C:7E:9E:07:73:CE:F8:A1:50:EF:CE:7B:90:9A:0D:B8
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/tuTkMh8HpvU
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:trustamerigasrebate.com, DNS:*.trustamerigasrebate.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/GtnWE3CJBuU.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : May  9 04:48:44.505 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:66:1A:F3:93:2D:25:04:12:6F:57:F9:48:
                                02:D4:4E:B1:49:79:A3:DB:5D:B8:CC:EB:B7:3C:04:EF:
                                D3:AC:2E:FB:02:21:00:C9:A9:39:A8:4F:69:18:87:D0:
                                F4:10:79:79:CE:3D:CF:21:79:10:03:04:44:63:F6:D1:
                                57:67:83:E5:53:50:06
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : May  9 04:48:44.549 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:66:87:D6:51:D6:B0:D6:D7:8D:AB:4D:CD:
                                DE:8F:52:E6:FB:71:F4:AA:D1:54:C7:DE:C3:FE:04:70:
                                C3:07:16:30:02:20:77:C7:77:E5:A4:D8:25:13:FF:CA:
                                7E:7B:52:13:95:23:9D:60:43:4A:FE:4E:3E:CC:04:75:
                                28:1B:86:D6:01:5F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        99:e4:6e:25:81:b2:56:2d:88:da:a3:88:40:98:74:7e:62:1d:
        e6:45:71:9f:7a:f5:6f:1d:29:30:86:46:50:5a:5b:5b:77:2d:
        2c:d2:c7:a5:b7:7a:4c:df:90:33:1a:65:71:70:a2:98:5b:80:
        53:1e:41:8a:91:d7:96:e4:5a:84:2b:93:99:11:92:4b:53:e5:
        9e:30:83:4b:b5:0f:c7:07:44:84:da:81:c4:a5:ec:0d:f2:c0:
        9b:74:ef:f6:d6:97:5d:67:b7:46:91:7e:ce:41:40:e6:7b:0e:
        f3:b0:f8:b6:89:53:36:44:19:7e:2c:6b:8f:d0:01:36:4b:ed:
        29:b7:a4:eb:64:ce:a2:8b:b3:fe:8c:23:d4:92:8f:4d:0c:45:
        17:22:81:00:f3:58:6b:29:46:43:63:cd:38:fd:53:8e:64:ff:
        48:3b:57:4b:8e:6f:43:bf:89:a4:bd:75:30:81:2e:8f:30:64:
        be:92:ec:24:c2:c6:10:76:92:98:5e:23:51:6f:4e:f8:d6:59:
        e4:03:2e:6f:ed:cc:b0:20:62:10:42:07:9e:d6:63:13:81:f4:
        13:a6:ea:d2:b8:31:08:bd:ca:4d:11:d7:6d:56:40:48:4d:e0:
        bf:48:87:a8:98:70:13:6c:7e:db:08:6f:19:bf:80:8d:a9:e1:
        53:68:3d:9a

1493430345 | 2024-04-13T04:06:07.040299

2052 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 13 Apr 2024 04:06:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 873894e5e8966a29-LAX

-283489687 | 2024-04-27T16:04:44.083401

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 27 Apr 2024 16:04:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87b00ccf783808ee-LAX

141477257 | 2024-05-05T19:11:33.672281

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 05 May 2024 19:11:33 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

512263286 | 2024-05-03T12:27:31.171816

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 03 May 2024 12:27:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e03edfcaec5203-DEN

141477257 | 2024-05-09T06:34:34.477914

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Thu, 09 May 2024 06:34:34 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

479982788 | 2024-04-16T20:12:04.703092

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 16 Apr 2024 20:12:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8756d4015b385233-LAX

141477257 | 2024-05-04T01:47:32.360394

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 04 May 2024 01:47:32 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1402865293 | 2024-04-26T13:05:44.911047

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 13:05:44 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 87a6c93faf5c6575-AMS

error code: 1003

172.67.170.95

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

853123361 | 2024-05-03T21:16:27.681901
80 / tcp

CloudFlare

1754976033 | 2024-05-12T00:37:42.027892
443 / tcp

1493430345 | 2024-04-13T04:06:07.040299
2052 / tcp

-283489687 | 2024-04-27T16:04:44.083401
2082 / tcp

141477257 | 2024-05-05T19:11:33.672281
2083 / tcp

512263286 | 2024-05-03T12:27:31.171816
2086 / tcp

141477257 | 2024-05-09T06:34:34.477914
2087 / tcp

479982788 | 2024-04-16T20:12:04.703092
8080 / tcp

CloudFlare

141477257 | 2024-05-04T01:47:32.360394
8443 / tcp

CloudFlare

-1402865293 | 2024-04-26T13:05:44.911047
8880 / tcp

Products

Pricing

Contact Us

172.67.170.95

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

853123361 | 2024-05-03T21:16:27.681901 80 / tcp

CloudFlare

1754976033 | 2024-05-12T00:37:42.027892 443 / tcp

1493430345 | 2024-04-13T04:06:07.040299 2052 / tcp

-283489687 | 2024-04-27T16:04:44.083401 2082 / tcp

141477257 | 2024-05-05T19:11:33.672281 2083 / tcp

512263286 | 2024-05-03T12:27:31.171816 2086 / tcp

141477257 | 2024-05-09T06:34:34.477914 2087 / tcp

479982788 | 2024-04-16T20:12:04.703092 8080 / tcp

CloudFlare

141477257 | 2024-05-04T01:47:32.360394 8443 / tcp

CloudFlare

-1402865293 | 2024-04-26T13:05:44.911047 8880 / tcp

Products

Pricing

Contact Us

853123361 | 2024-05-03T21:16:27.681901
80 / tcp

1754976033 | 2024-05-12T00:37:42.027892
443 / tcp

1493430345 | 2024-04-13T04:06:07.040299
2052 / tcp

-283489687 | 2024-04-27T16:04:44.083401
2082 / tcp

141477257 | 2024-05-05T19:11:33.672281
2083 / tcp

512263286 | 2024-05-03T12:27:31.171816
2086 / tcp

141477257 | 2024-05-09T06:34:34.477914
2087 / tcp

479982788 | 2024-04-16T20:12:04.703092
8080 / tcp

141477257 | 2024-05-04T01:47:32.360394
8443 / tcp

-1402865293 | 2024-04-26T13:05:44.911047
8880 / tcp