| Hostnames |
doortoplane.3cx.co.uk doortoplane.com www.doortoplane.com default-46-33-136-239.interdsl.co.uk |
| Domains | 3cx.co.uk doortoplane.com interdsl.co.uk |
| Country | United Kingdom |
| City | Brentwood |
| Organization | ICUK Computing Services Limited |
| ISP | ICUK Computing Services Limited |
| ASN | AS51561 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
| CVE-2019-8331 | 4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. |
| CVE-2018-20677 | 4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. |
| CVE-2018-20676 | 4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. |
| CVE-2018-14042 | 4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. |
| CVE-2018-14040 | 4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. |
| CVE-2016-10735 | 4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. |
1307802784 | 2024-05-09T02:47:16.68691480 / tcp
HTTP/1.1 302 Found Date: Thu, 09 May 2024 02:45:12 GMT Server: Apache Location: https://www.doortoplane.com/ Content-Length: 212 Content-Type: text/html; charset=iso-8859-1
1693454910 | 2024-05-11T17:39:44.115750443 / tcp
HTTP/1.1 200 OK Date: Sat, 11 May 2024 17:37:37 GMT Server: Apache Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Security-Policy: frame-ancestors 'self'; X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Transfer-Encoding: chunked Content-Type: text/html
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:1a:c3:c0:0f:1b:4f:3f:ef:6d:82:a4:80:47:90:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Extended Validation Secure Server CA
Validity
Not Before: Oct 18 00:00:00 2023 GMT
Not After : Nov 17 23:59:59 2024 GMT
Subject: serialNumber=01210156/jurisdictionC=GB/businessCategory=Private Organization, C=GB, ST=West Yorkshire, O=Rollinson Safeway Limited, CN=doortoplane.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c1:e3:8c:44:4d:18:fa:8d:1e:2d:35:2f:fb:61:
42:41:0f:83:6a:fc:17:a0:f2:96:05:53:24:f1:bb:
f2:bb:f9:40:8d:9f:73:89:97:5a:a0:73:e7:fe:5d:
ad:e2:1b:2d:19:c9:e0:6c:81:12:fd:40:8f:69:e3:
f2:3b:30:24:f8:d6:59:5c:fa:74:20:ab:76:bc:d7:
07:a8:b8:53:06:58:9f:9e:dd:b4:21:4b:a7:39:9d:
8a:bb:24:e6:57:be:1c:03:57:80:06:05:e2:1c:2a:
23:4c:07:2b:ce:e4:d0:e3:02:1c:88:c6:c1:fb:d9:
2b:6d:88:df:3e:0a:fb:63:8e:ad:df:b9:21:26:f3:
25:f7:b3:50:95:5c:cf:ef:8a:d6:09:63:0d:f1:99:
5f:1a:47:6d:56:43:36:8b:a5:58:38:91:a9:e6:1b:
e4:6c:57:aa:96:6c:6b:40:a0:55:7f:01:34:3f:ba:
64:98:47:7f:ab:fd:5b:77:0c:97:51:fa:53:e5:bf:
a0:20:a6:23:86:08:70:f1:03:16:b1:02:79:b0:82:
36:03:3e:b4:dc:d7:7c:0f:f3:a9:6a:02:db:ba:88:
46:18:49:da:26:d6:db:ef:47:0c:40:a4:05:2e:ef:
5e:60:8f:1d:13:51:d0:eb:11:bd:5d:f8:50:22:76:
9d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
2C:69:FF:80:C9:87:90:AE:34:E1:B4:E7:4C:93:85:99:40:E9:A7:B2
X509v3 Subject Key Identifier:
E5:B1:78:F8:27:30:2A:D2:04:F1:92:B6:C1:C4:C6:13:E0:39:01:09
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.1.5.1
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:doortoplane.com, DNS:www.doortoplane.com
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Oct 18 21:33:55.242 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:AB:A9:3F:EA:3A:4B:98:BD:93:C2:C4:
36:94:AC:2B:2A:72:17:7D:F1:39:0A:28:A8:79:49:52:
73:54:61:D4:1C:02:20:00:ED:4F:36:2F:9A:4B:78:EC:
BC:7C:4C:3C:0A:8F:C5:F5:3E:A9:EB:21:54:29:C9:24:
ED:B0:9F:F8:A9:25:BF
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Oct 18 21:33:55.332 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:7D:99:EA:20:27:81:9C:E5:E2:78:2B:91:
43:DF:AA:83:5F:8D:54:7F:B0:4C:55:42:54:3E:AB:50:
68:B3:27:77:02:20:7B:BB:1C:67:12:B2:2A:52:89:4B:
37:4F:B4:FD:90:B5:9A:59:5F:F4:99:75:47:84:90:74:
A9:B3:BE:E9:42:00
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Oct 18 21:33:55.287 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:06:83:5C:85:F4:1A:92:C7:D7:DE:62:93:
40:2C:4F:F2:12:98:2F:31:B5:B7:B8:1D:A9:9A:67:81:
E0:9B:CD:E5:02:21:00:86:A3:2D:81:F8:1C:2B:5A:3C:
91:00:0C:14:77:96:59:92:48:85:68:0D:0B:60:A6:B8:
2C:DF:C0:80:76:B3:84
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
85:73:18:e2:29:58:21:61:54:c2:1a:fc:05:b5:d2:13:ee:6f:
2a:c9:d9:51:c2:a7:f0:61:9e:0b:67:fa:7e:6d:29:d1:a9:fe:
26:ee:00:83:b4:b6:12:5b:e5:fb:38:71:ae:06:71:4c:7b:c7:
64:55:02:c8:1e:af:93:82:3f:43:f1:81:62:04:43:9f:a9:24:
44:8d:0d:28:92:d6:7c:10:31:09:16:85:f0:63:65:97:65:9e:
4e:bd:98:de:f3:39:2e:75:64:dd:25:25:d6:1b:65:98:28:dd:
db:4d:2b:7c:58:1c:e6:f1:b5:02:f5:8d:35:ce:07:fc:e6:9a:
ef:57:fc:2f:34:b8:d7:03:3c:5c:a3:e8:c5:b5:df:07:8b:9b:
8c:26:55:64:92:a0:47:6c:82:b8:92:07:63:14:25:70:02:7b:
a0:d2:af:62:ae:79:0a:1e:57:46:43:ab:76:a1:f9:de:f5:e5:
5e:83:db:35:80:50:f2:d4:11:bf:c4:6a:68:2b:8b:c5:12:0b:
4d:a6:f3:b2:88:ca:bb:7f:2a:8a:4f:3d:30:8c:7a:75:e0:22:
30:59:13:ea:81:17:3c:c3:ac:c6:10:42:e2:ca:99:97:7d:46:
8c:15:8b:dc:2c:4e:f6:85:0f:ae:ce:18:92:59:41:ea:1c:8a:
ca:51:8c:31
-1946781781 | 2024-04-22T08:49:30.085956500 / udp
VPN (IKE)
Initiator SPI: 7038397173677032
Responder SPI: 6231767874666f6d
Next Payload: RESERVED
Version: 2.0
Exchange Type: DOI Specific Use
Flags:
Encryption: False
Commit: False
Authentication: False
Message ID: 00000000
Length: 36
261189147 | 2024-05-12T00:09:56.9114201723 / tcp
PPTP: Firmware: 1 Hostname: local Vendor: linux
1765360226 | 2024-05-05T16:33:53.8925455000 / tcp
HTTP/1.1 403 Forbidden Server: nginx Date: Sun, 05 May 2024 16:33:54 GMT Content-Type: text/html Content-Length: 548 Connection: keep-alive
-1503385025 | 2024-05-13T12:52:12.4409615001 / tcp
HTTP/1.1 200 OK Server: nginx Date: Mon, 13 May 2024 12:52:12 GMT Content-Type: text/html Content-Length: 957 Last-Modified: Fri, 08 Sep 2023 16:44:46 GMT Connection: keep-alive ETag: "64fb4f7e-3bd" X-Frame-Options: DENY X-Content-Type-Options: nosniff X-XSS-Protection: 0 Content-Security-Policy: default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self' Strict-Transport-Security: max-age=15768000 Cache-Control: no-cache Accept-Ranges: bytes
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c3:fc:2c:50:6e:6a:7d:9e:54:ec:29:69:15:8a:fb:e6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R3
Validity
Not Before: Apr 9 00:11:49 2024 GMT
Not After : Jul 8 00:11:48 2024 GMT
Subject: CN=doortoplane.3cx.co.uk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b0:b1:55:d8:f1:89:16:23:53:42:db:54:6e:e0:
36:1f:4c:26:bd:8b:a9:b8:99:25:d6:f0:7a:c9:bf:
3e:06:1d:b6:23:11:bc:7c:83:ad:c5:96:6e:db:37:
de:9e:15:06:03:29:c4:bc:9e:88:d9:d5:36:69:7a:
0e:fa:2d:80:2b:24:4c:74:82:8e:30:3c:ab:5c:46:
37:2e:da:f2:5d:18:72:d9:13:5b:24:79:36:7d:4b:
f9:3a:dd:41:07:4d:94:66:53:d7:a1:2e:c2:93:75:
9f:59:28:31:6a:71:38:aa:29:2b:59:bd:65:5b:c5:
71:fc:14:c8:65:3b:0c:62:3a:4a:4b:65:ac:85:d4:
a3:05:83:3e:51:e8:39:8f:bd:83:bc:88:2a:cc:4f:
d1:9b:04:38:04:d6:f6:cf:5a:83:df:60:a4:43:1f:
57:ca:c2:47:95:d4:20:06:54:26:3d:b6:2c:e9:f2:
20:a3:98:be:ef:92:6b:d0:7e:3d:e1:a2:5a:ac:06:
10:d9:44:a9:d1:18:19:4f:71:aa:7e:71:15:c9:27:
af:0e:a8:ce:59:bb:a4:82:49:f6:c7:07:e7:54:9c:
89:c9:ba:f6:6a:5f:8a:26:6e:70:44:34:5e:a9:49:
b7:63:29:17:18:5e:c3:81:44:03:f0:14:7b:49:3d:
e0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
89:A6:02:66:97:D1:E7:06:4A:40:7E:CA:76:57:5D:3D:39:00:C4:23
X509v3 Authority Key Identifier:
14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:doortoplane.3cx.co.uk
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Apr 9 01:11:49.410 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:87:EF:63:88:5B:AD:76:98:C5:0E:79:
E2:59:32:4C:98:0B:F8:D3:38:B5:F0:51:25:11:91:1A:
C6:04:05:7C:1D:02:21:00:F2:6C:CD:74:BE:6D:B2:8C:
C2:D4:F1:C5:57:74:3C:CA:02:26:13:08:5C:AE:E8:94:
67:50:3A:72:8D:36:6B:34
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Apr 9 01:11:49.574 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:9A:3B:1E:05:41:8C:30:2B:7D:24:EC:
92:D1:F1:35:9A:30:CB:9B:3A:B7:85:05:A1:F9:8B:19:
3D:2D:66:EB:80:02:20:16:57:19:03:8F:9B:31:A0:5D:
FE:47:89:D4:11:C0:A7:D3:2B:C7:A0:53:A1:25:DF:74:
64:5E:C0:48:8A:7C:8B
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
b9:55:0e:4d:13:61:00:84:60:f5:03:07:89:1b:bd:1d:f4:67:
c2:94:99:84:44:ee:09:b9:05:e2:f2:03:a9:99:17:77:4f:78:
f0:e3:26:6d:7a:08:42:9c:ce:bc:f7:2b:3d:a9:db:fa:0e:22:
e0:48:1b:97:36:ff:6e:b5:3f:eb:c1:e9:f3:ab:ae:fe:8b:2d:
ad:df:87:63:bd:b5:3e:63:75:55:3b:7a:3d:8d:9c:71:45:39:
68:bc:ab:00:2f:ee:c0:e7:b5:bb:40:de:32:6f:31:19:3b:af:
3a:d4:a3:ef:e5:a6:35:e2:ff:a1:b0:7d:be:47:29:b2:cc:be:
10:9a:98:b9:32:13:6c:7a:c2:0a:65:4d:0e:d9:3b:4d:01:81:
5c:0a:53:5d:b4:c5:93:74:d7:d8:c1:5d:be:51:66:a9:ea:91:
bf:22:79:dd:80:64:97:68:38:77:08:e0:8f:26:d5:0c:31:0a:
5b:85:e3:47:61:05:ef:76:cb:c0:8f:bf:83:85:0a:27:1a:1f:
dc:05:4c:cc:13:be:84:0e:33:64:fd:70:35:7c:e6:11:33:8d:
68:53:26:3e:81:e6:0b:c5:8d:1d:90:73:9a:99:7c:d9:4e:6c:
ee:30:9f:e1:14:79:6b:3c:74:a2:17:c7:11:70:66:e3:ba:17:
9e:0c:29:82