GeneralInformation

Hostnames	lonealert.co.uk
Domains	lonealert.co.uk
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

JavaScript libraries

jQuery1.4.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

80 443 2082 2083 2086 2087 2095 8080 8443 8880

-710680393 | 2024-05-06T02:08:58.911250

80 / tcp

HTTP/1.1 403 Forbidden
Date: Mon, 06 May 2024 02:08:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87f56cf02d2c6c6b-DFW

-1646547356 | 2024-05-11T16:58:09.558318

443 / tcp

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 16:58:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: las=v3bskrk3pbnabnkotjpuhp6hp6; expires=Sat, 11-May-2024 18:58:09 GMT; Max-Age=7200; path=/
set-cookie: las=v3bskrk3pbnabnkotjpuhp6hp6; expires=Sat, 11-May-2024 18:58:09 GMT; Max-Age=7200; path=/
set-cookie: las_data=c2Vzc2lvbl9pZHxzOjI2OiJ2M2Jza3JrM3BibmFibmtvdGpwdWhwNmhwNiI7dG90YWxfaGl0c3xpOjE7X2tmX2ZsYXNoX3xhOjA6e311c2VyX2FnZW50fHM6MTA1OiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguMTAyIFNhZmFyaS81MzcuMzYiO2lwX2FkZHJlc3N8czoxNToiMTM3LjE4NC4xOTAuMjQ2IjtsYXN0X2FjdGl2aXR5fGk6MTcxNTQ0NjY4OTs%3D; expires=Sat, 11-May-2024 18:58:09 GMT; Max-Age=7200; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUecXd%2FvLCL6TP0nBQYm3TdCO5jS0SkvhT8bt7VQPza3q061J0HZGW2%2F6VBRkWA8vSWgqYopJX0qkNM7w%2Fv4bpRjmdcGIsFE%2F5GLNQN5cTlyGJUcQvQ3JD7zYAiJL%2FOtr0xissqpV2Ql"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8823b64ec981238f-SJC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:70:ce:36:60:b2:dc:10:0d:cd:30:3f:a8:65:19:e7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: Mar 27 03:24:37 2024 GMT
            Not After : Jun 25 03:24:36 2024 GMT
        Subject: CN=lonealert.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c1:eb:d2:74:b8:5c:90:8f:58:96:29:5a:2e:2a:
                    06:1b:82:dc:0c:a9:ad:36:b1:e6:db:82:eb:cd:7d:
                    4c:5f:c3:aa:97:cb:94:78:69:ef:94:b7:18:03:7c:
                    34:f6:5f:3d:aa:b8:28:fc:29:7a:5c:e9:34:aa:25:
                    85:1b:fd:4d:13:dd:fd:56:bb:48:15:1b:c9:7b:06:
                    69:06:38:25:62:2d:62:d7:16:03:e1:f8:cd:de:9c:
                    23:47:8c:b9:84:5c:6a:23:39:21:00:12:7f:e4:85:
                    6f:0e:e0:ef:09:bb:ad:ef:fd:dc:70:ce:97:39:92:
                    f6:14:3f:14:3d:10:8c:01:c3:09:47:ec:38:87:bc:
                    8d:34:6d:2b:16:88:81:be:60:c3:17:04:b7:90:97:
                    55:9a:0d:d5:07:e1:be:a1:f0:27:ea:e4:58:76:9d:
                    72:b9:b2:3d:1f:b6:86:5e:ec:eb:67:23:d3:e5:59:
                    26:85:63:f0:47:a1:1c:6b:a3:de:6b:8b:57:c7:ce:
                    1f:45:ac:fc:c7:38:91:46:a2:46:8a:1f:b3:e2:a2:
                    29:21:87:71:91:af:eb:55:5d:98:ea:54:e1:b9:ac:
                    f3:a4:0e:6f:d8:22:ef:28:1e:62:44:ae:ee:12:d2:
                    14:c1:01:61:30:98:a9:50:a4:37:c3:0a:c0:aa:0a:
                    4a:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                0D:E9:94:8C:36:EC:C7:FD:69:7B:AA:E3:BB:10:3A:A7:05:6E:06:B9
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/QbDFkqPasr8
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:lonealert.co.uk, DNS:*.lonealert.co.uk
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/Zm3QA0spoU8.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 27 04:24:38.161 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AD:88:3D:DB:00:E9:9E:4D:5B:45:4A:
                                49:0A:51:B6:15:3A:24:25:4B:B7:7C:1C:F3:16:3D:28:
                                C3:61:26:5C:DD:02:20:26:8D:4C:0B:41:59:2A:84:15:
                                71:C9:33:F8:EB:2A:D4:B3:08:68:AB:1A:1E:59:68:95:
                                04:EA:BF:ED:5F:0A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 27 04:24:38.149 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A6:C4:1A:BD:BF:46:90:50:59:E5:8B:
                                22:19:95:2C:4C:04:B3:8B:48:7A:9C:68:FE:6A:47:C0:
                                85:B4:5D:72:F2:02:21:00:9F:FF:E8:39:8B:9E:B3:FD:
                                65:67:ED:4D:4D:84:E4:CE:17:21:C5:26:A6:04:AF:49:
                                24:EF:27:06:D5:04:8E:7E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        41:74:ba:45:2c:79:c4:1a:b9:89:1e:6b:8f:4c:ad:3f:b4:18:
        99:e5:1b:2d:f2:ab:80:a2:c7:6e:94:be:98:a1:c8:41:19:b1:
        5b:fa:86:c0:88:04:33:44:c7:b7:c6:88:8e:02:aa:6d:c8:2f:
        12:63:0a:63:9d:42:58:db:ed:4a:90:54:6d:0e:49:bc:48:02:
        be:6a:5e:bf:de:d6:c9:78:2c:b4:7a:d6:e2:7a:08:7d:b2:4a:
        8d:8e:ee:21:ee:b1:c5:48:4e:db:19:6e:92:2f:d6:f7:a2:20:
        d2:f3:a0:ec:79:42:41:0d:a3:8b:67:30:a6:fa:c3:37:01:f8:
        c7:87:64:c6:e0:98:71:e6:2f:5e:e9:fe:3a:60:75:5c:dd:0a:
        f8:c5:0f:42:fe:47:b5:f6:0f:13:64:38:2c:2f:7e:79:6d:9d:
        b1:8b:4a:da:63:2f:91:fb:ff:ec:fe:67:5e:84:5c:94:90:b9:
        03:e2:55:4f:47:56:3f:28:34:e2:cf:42:53:34:77:b3:ec:6e:
        c7:a6:ac:d6:c2:ad:84:30:64:c3:2e:46:48:93:f8:eb:02:eb:
        32:18:10:38:03:24:09:5c:53:aa:0e:de:0e:38:09:79:d6:05:
        8a:ea:2e:a0:bb:0b:13:ce:89:da:fd:f0:30:38:0f:38:e3:91:
        00:20:73:3a

934272026 | 2024-05-08T13:56:05.159730

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 13:56:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8809f37bdad52e5d-DFW

141477257 | 2024-05-08T17:16:55.018191

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 08 May 2024 17:16:55 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

1967257221 | 2024-05-08T03:45:56.902823

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 03:45:56 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880675ba8864e5c2-DFW

583178756 | 2024-05-11T13:37:19.552752

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 11 May 2024 13:37:19 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

-212661932 | 2024-04-25T21:31:44.679753

2095 / tcp

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 21:31:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a171142d6cb968-AMS

-265620612 | 2024-04-29T20:17:12.855919

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Mon, 29 Apr 2024 20:17:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87c1f967498c7b26-DEN

141477257 | 2024-05-12T05:49:41.861291

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 12 May 2024 05:49:41 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

2074011300 | 2024-05-09T12:25:24.236962

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Thu, 09 May 2024 12:25:24 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8811ac067b33e534-DFW

error code: 1003

172.67.68.216

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-710680393 | 2024-05-06T02:08:58.911250
80 / tcp

CloudFlare

-1646547356 | 2024-05-11T16:58:09.558318
443 / tcp

934272026 | 2024-05-08T13:56:05.159730
2082 / tcp

141477257 | 2024-05-08T17:16:55.018191
2083 / tcp

1967257221 | 2024-05-08T03:45:56.902823
2086 / tcp

583178756 | 2024-05-11T13:37:19.552752
2087 / tcp

-212661932 | 2024-04-25T21:31:44.679753
2095 / tcp

-265620612 | 2024-04-29T20:17:12.855919
8080 / tcp

CloudFlare

141477257 | 2024-05-12T05:49:41.861291
8443 / tcp

CloudFlare

2074011300 | 2024-05-09T12:25:24.236962
8880 / tcp

Products

Pricing

Contact Us

172.67.68.216

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-710680393 | 2024-05-06T02:08:58.911250 80 / tcp

CloudFlare

-1646547356 | 2024-05-11T16:58:09.558318 443 / tcp

934272026 | 2024-05-08T13:56:05.159730 2082 / tcp

141477257 | 2024-05-08T17:16:55.018191 2083 / tcp

1967257221 | 2024-05-08T03:45:56.902823 2086 / tcp

583178756 | 2024-05-11T13:37:19.552752 2087 / tcp

-212661932 | 2024-04-25T21:31:44.679753 2095 / tcp

-265620612 | 2024-04-29T20:17:12.855919 8080 / tcp

CloudFlare

141477257 | 2024-05-12T05:49:41.861291 8443 / tcp

CloudFlare

2074011300 | 2024-05-09T12:25:24.236962 8880 / tcp

Products

Pricing

Contact Us

-710680393 | 2024-05-06T02:08:58.911250
80 / tcp

-1646547356 | 2024-05-11T16:58:09.558318
443 / tcp

934272026 | 2024-05-08T13:56:05.159730
2082 / tcp

141477257 | 2024-05-08T17:16:55.018191
2083 / tcp

1967257221 | 2024-05-08T03:45:56.902823
2086 / tcp

583178756 | 2024-05-11T13:37:19.552752
2087 / tcp

-212661932 | 2024-04-25T21:31:44.679753
2095 / tcp

-265620612 | 2024-04-29T20:17:12.855919
8080 / tcp

141477257 | 2024-05-12T05:49:41.861291
8443 / tcp

2074011300 | 2024-05-09T12:25:24.236962
8880 / tcp