GeneralInformation

Hostnames	ec2-54-171-89-206.eu-west-1.compute.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

CDN

Cookie compliance

JavaScript libraries

SecurityContact

Contact	donotreply@owasp-juice.shop
Encryption	https://keybase.io/bkimminich/pgp_keys.asc?fingerprint=19c01cb7157e4645e9e2c863062a85a8cbfbdcda
Preferred-languages	en, ar, az, bg, bn, ca, cs, da, de, ga, el, es, et, fi, fr, ka, he, hi, hu, id, it, ja, ko, lv, my, nl, no, pl, pt, ro, ru, si, sv, th, tr, uk, zh
Hiring	/#/jobs
Expires	Wed, 04 Dec 2024 09:34:18 GMT

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

1616067514 | 2024-05-02T07:26:24.224794

80 / tcp

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 07:26:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 04 Dec 2023 09:34:23 GMT
ETag: W/"ea4-18c342dc330"
Vary: Accept-Encoding

54.171.89.206

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

SecurityContact

Vulnerabilities

OpenPorts

1616067514 | 2024-05-02T07:26:24.224794
80 / tcp

Products

Pricing

Contact Us