GeneralInformation

Hostnames	etest.bank-abc.com
Domains	bank-abc.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

Cookie compliance

OneTrust

JavaScript frameworks

JavaScript libraries

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443

-1903558660 | 2024-05-04T08:59:57.791897

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 08:59:56 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 May 2024 09:59:56 GMT
Location: https://arcor.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e74c2f4b1e96cb-SJC

857866249 | 2024-05-06T03:30:44.505060

443 / tcp

HTTP/1.1 200 OK
Date: Mon, 06 May 2024 03:30:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://content.bank-abc.com data: https://h.online-metrix.net https://ajax.googleapis.com https://optanon.blob.core.windows.net https://maps.google.com https://player.vimeo.com blob:
X-XSS-Protection: 1; mode=block
X-BBXSRF: ec2e81eb-7f21-4873-ab61-241099acf74a
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=pKo0C0BOrWYBvb0Nckb8gyNe.live-server; Path=/portalserver;HttpOnly;Secure;HttpOnly;Secure;
Set-Cookie: BBXSRF=ec2e81eb-7f21-4873-ab61-241099acf74a; Expires=Tue, 07-May-2024 03:30:35 GMT; Path=/;HttpOnly;Secure;Secure;
Set-Cookie: anonymousUserId=9705b368-62c1-4d03-8867-9ca10740929f; Expires=Sun, 27-Apr-2025 03:30:35 GMT; Path=/portalserver;HttpOnly;Secure;HttpOnly;Secure;
Set-Cookie: ROUTEID=.node1; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87f5e470b9e59465-SJC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c5:0b:69:7c:f5:e0:ff:9b:e9:ca:6b:8e:24:28:86:c5:2f
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E1
        Validity
            Not Before: Apr 14 02:53:52 2024 GMT
            Not After : Jul 13 02:53:51 2024 GMT
        Subject: CN=etest.bank-abc.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:7a:a6:ab:59:81:8f:5a:ea:29:ce:c3:f4:5f:1d:
                    ae:32:43:36:21:bc:b9:f7:1e:4d:f8:07:f7:24:22:
                    f1:3b:92:68:09:b9:95:37:8d:0a:e8:a9:dd:ab:55:
                    db:0e:f2:41:c7:6e:ab:5d:85:fb:a8:95:cb:5c:fc:
                    33:88:12:55:eb
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B6:DF:60:55:D3:8E:03:F8:91:06:31:93:A3:B7:C8:3E:D2:BA:63:AF
            X509v3 Authority Key Identifier: 
                5A:F3:ED:2B:FC:36:C2:37:79:B9:52:30:EA:54:6F:CF:55:CB:2E:AC
            Authority Information Access: 
                OCSP - URI:http://e1.o.lencr.org
                CA Issuers - URI:http://e1.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:etest.bank-abc.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 14 03:53:52.359 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2A:7C:CF:28:76:EB:DB:05:4A:B7:38:1E:
                                E4:A2:D8:CA:31:59:4B:EB:E7:62:A0:38:A6:D5:18:F3:
                                33:59:78:01:02:20:62:80:9C:29:ED:E7:AA:5C:C5:02:
                                6D:EB:E8:33:D0:2A:B9:6D:1C:D0:FB:11:06:AD:66:29:
                                09:B8:70:34:D1:2A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 14 03:53:52.378 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:65:0C:E7:D9:61:7B:1F:94:B3:2D:BC:4A:
                                80:22:FD:23:5F:29:4C:0B:49:0C:63:EA:18:D7:AC:9D:
                                24:92:4C:06:02:20:2A:30:94:5D:89:48:CB:7E:A3:48:
                                5C:DC:47:D3:7F:B0:D6:42:90:5F:99:C7:63:9C:18:F9:
                                56:0B:FA:AF:66:72
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:66:02:31:00:ec:3c:a0:4e:66:00:96:b0:05:5e:aa:64:88:
        ae:9e:2f:9f:1f:29:a9:83:a8:cb:35:ad:e5:d7:0d:01:75:78:
        78:3b:81:a5:02:81:68:99:77:cf:15:87:7a:fc:b5:7d:46:02:
        31:00:c3:bb:7d:74:8a:2c:68:ad:ad:fe:6b:4a:37:c0:ec:db:
        22:1c:7c:34:7b:f8:84:58:16:8c:58:2b:f9:51:b4:3e:ef:89:
        89:e2:d2:6f:bb:f0:e1:35:d3:ca:cf:17:3c:2a

2606:4700::6812:a8b

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1903558660 | 2024-05-04T08:59:57.791897
80 / tcp

857866249 | 2024-05-06T03:30:44.505060
443 / tcp

Products

Pricing

Contact Us

2606:4700::6812:a8b

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1903558660 | 2024-05-04T08:59:57.791897 80 / tcp

857866249 | 2024-05-06T03:30:44.505060 443 / tcp

Products

Pricing

Contact Us

-1903558660 | 2024-05-04T08:59:57.791897
80 / tcp

857866249 | 2024-05-06T03:30:44.505060
443 / tcp