GeneralInformation

Hostnames	wxmonitor.aero
Domains	wxmonitor.aero
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

CDN

BootstrapCDN3.3.7

jQuery CDN

JavaScript libraries

jQuery2.2.4

Modernizr

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-6484

6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(2)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

22 443

22 / tcp

-691827775 | 2025-02-20T08:27:57.580397

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDOnuRnqkJT8ensm55zggBfu/Y1LcrhUV8rmvhwaqbWyzcb
euHRACNTOYF5L6VV4SspDTaFu3dww9pZh4BKoF+C4tLWglIEVH/Urf4RfpZoGFwFxplorLsztctv
PqlvdC02bEG7GTCN8DZCiFiwgFUzbhf35EA71Db6y6uUpYcyRxfD4rHjDhS75Yfn0Ad5fbWP5Oc5
t/249OdJhe/NlKCQFivNk53i2elr2+KgJFgxFGm7TwPe8C1IhtTfnRb5SxBMCfOvWVB5BOprJ0nU
sSRlT2g39qs2w3dcyjV1Ahh1Mq1Ekbkh+9aGOkn/RvvQUKvvpf1789RnmtM2rqArJQYH
Fingerprint: c8:ad:32:86:d4:8c:cf:02:f7:e4:19:55:15:a8:99:22

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

443 / tcp

321493526 | 2025-03-07T12:24:09.291361

Hashes

hash

853397058

http.dom_hash

287034488

http.favicon.hash

-819853456

http.html_hash

321493526

http.robots_hash

-1138099054

http.server_hash

932182959

http.sitemap_hash

-322589326

http.title_hash

-214402210

Airport Weather Monitor

HTTP/1.1 200 OK
Server: nginx-rc
Date: Fri, 07 Mar 2025 12:24:09 GMT
Content-Type: text/html
Content-Length: 14528
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Sep 2017 15:12:19 GMT
ETag: "38c0-558364dc0341a"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:fa:59:21:2c:61:68:19:98:37:f8:f8:16:82:28:57:2f:ad
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Jan 23 12:19:21 2025 GMT
            Not After : Apr 23 12:19:20 2025 GMT
        Subject: CN=wxmonitor.aero
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c7:b8:d4:b1:80:15:07:47:96:0f:22:64:46:73:
                    ca:c0:ce:09:a0:71:b2:35:58:52:a4:cb:df:a9:8c:
                    d6:d3:6a:03:88:09:12:f0:36:40:38:3b:0b:31:5f:
                    c1:46:38:b3:44:fd:47:7e:2e:0f:a7:6c:40:e0:4c:
                    52:13:47:7c:27:ae:41:c5:11:c4:97:db:fd:c2:a4:
                    f6:dd:e3:08:d1:af:dd:6c:45:7c:73:63:70:67:bb:
                    7c:0d:d5:53:ea:67:9e:9e:69:47:74:75:3a:f0:71:
                    83:46:e9:c0:57:b0:b1:b8:d8:01:b2:25:d6:07:c5:
                    3a:64:ae:83:03:c2:df:a1:09:9d:be:ad:59:33:b3:
                    7d:ff:20:67:4a:86:67:8b:6d:7a:0f:fe:53:6f:b3:
                    48:bd:91:88:a6:d7:d5:6b:a7:2c:88:b4:53:5a:87:
                    23:c4:0b:66:6a:4f:25:6a:a8:ba:46:ab:df:2a:6e:
                    34:3c:ac:93:70:81:ec:a4:00:e8:a4:e6:4e:bd:9d:
                    61:c4:8e:61:c5:f6:6d:32:6f:4e:55:63:b1:46:c3:
                    61:c5:a9:85:40:c6:95:bf:d6:d5:64:b6:30:b6:01:
                    3b:eb:b0:4b:d9:82:c8:8c:0e:09:44:06:aa:55:e7:
                    57:a4:03:22:2b:d4:bf:9a:a4:70:4f:1c:8f:f4:36:
                    6a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                04:F8:E5:12:8B:FF:0E:56:DD:66:29:B5:14:59:CF:C4:E8:AE:50:B9
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:wxmonitor.aero
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Jan 23 13:17:51.361 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:54:97:3C:F6:1C:DF:1D:B6:D1:4C:3A:B9:
                                32:78:24:62:14:54:7F:5A:02:9D:F6:65:DD:F8:A9:6D:
                                A6:92:92:9B:02:20:4F:E5:C1:C2:96:93:DE:5A:08:8B:
                                16:D5:CB:EA:C0:B5:70:E7:48:83:C9:B2:80:C6:12:2D:
                                96:FB:08:72:52:0B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Jan 23 13:17:51.571 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F6:84:A7:6B:33:A7:C4:E2:E0:1E:2B:
                                5F:3A:2B:EE:47:27:61:D4:C0:D0:4D:0A:01:21:F8:3D:
                                BC:D8:32:6F:C3:02:20:7E:F5:DC:11:41:85:B8:E3:87:
                                58:90:3A:21:EF:2F:C7:FF:61:3F:A6:89:54:92:93:CB:
                                9E:EA:54:19:A8:6D:B8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6b:db:b0:84:35:b2:eb:39:f0:ae:11:46:05:86:78:83:4f:0f:
        f3:de:3f:96:b5:b1:62:b3:f8:e3:17:ee:8d:22:42:fc:f8:e3:
        63:7e:75:6c:4f:5a:a5:93:bc:26:17:b9:dc:cc:5e:3e:c5:fa:
        d4:7f:63:88:9b:d1:cc:0b:46:71:a6:b9:b1:67:d2:d7:f2:b1:
        00:e4:d8:5b:2e:f7:f0:ab:6b:1f:43:c2:0c:f7:d4:90:7c:52:
        79:1f:bd:1a:ea:b8:2e:69:95:54:2e:23:38:12:59:b9:2f:f8:
        b5:67:40:ad:62:4c:9c:bc:eb:ef:39:5b:67:b9:b1:f7:8f:78:
        8f:01:47:c4:fb:80:1e:4a:e2:8e:ca:31:69:27:e1:af:99:91:
        dd:ae:94:a9:d3:78:42:1d:a3:70:8f:68:dd:67:81:8b:ea:12:
        79:23:54:b0:df:0b:32:7c:da:45:cd:98:21:fd:29:f5:96:f8:
        b2:88:12:5e:9d:ee:b7:fe:cf:46:4f:aa:52:44:1a:ce:f3:a6:
        1c:79:61:fa:8a:45:ce:5d:88:47:64:cf:8a:d3:1b:e1:82:82:
        dd:34:a3:f6:bd:a5:99:c1:7b:49:2b:31:4f:b1:79:6b:c2:f6:
        81:d3:a5:98:4e:91:6f:58:78:34:b0:f0:af:5b:00:a3:df:ca:
        d8:8f:46:ed

Vulnerabilities

138.68.109.1

Last Seen: 2025-03-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

-691827775 | 2025-02-20T08:27:57.580397

OpenSSH7.2p2 Ubuntu 4ubuntu2.8

443 / tcp

321493526 | 2025-03-07T12:24:09.291361

Hashes

nginx

Products

Pricing

Contact Us

138.68.109.1

Last Seen: 2025-03-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

22 / tcp -691827775 | 2025-02-20T08:27:57.580397

OpenSSH7.2p2 Ubuntu 4ubuntu2.8

443 / tcp 321493526 | 2025-03-07T12:24:09.291361

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-691827775 | 2025-02-20T08:27:57.580397

443 / tcp

321493526 | 2025-03-07T12:24:09.291361