GeneralInformation

Hostnames	genesis-connected.com
Domains	genesis-connected.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

Analytics

Google Analytics

MonsterInsights7.10.0

Blogs

WordPress

CDN

Cloudflare

CMS

WordPress

Databases

MySQL

Ecommerce

WooCommerce3.5.4

Abicart

Form builders

Gravity Forms2.4.3

JavaScript libraries

jQuery

jQuery Migrate1.4.1

Underscore.js1.8.3

Photo galleries

Slider Revolution5.4.8.1

Programming languages

PHP

Tag managers

Google Tag Manager

UI frameworks

ZURB Foundation

Bootstrap

Widgets

Slider Revolution5.4.8.1

WordPress plugins

WooCommerce3.5.4

Gravity Forms2.4.3

MonsterInsights7.10.0

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-9944

5.3The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. This is due to the plugin not properly neutralizing HTML elements from submitted order forms. This makes it possible for unauthenticated attackers to inject arbitrary HTML that will render when the administrator views order form submissions.

2023(1)

CVE-2023-52222

4.3Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.

2022(2)

CVE-2022-2099

4.8The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles

CVE-2022-0775

4.3The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

2021(2)

CVE-2021-32790

4.9Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.

CVE-2021-24323

4.8When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled

2020(1)

CVE-2020-29156

5.3The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.

2019(2)

CVE-2019-20891

8.8WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc-product-csv-importer-controller.php.

CVE-2019-9168

6.1WooCommerce before 3.5.5 allows XSS via a Photoswipe caption.

OpenPorts

80 443 2052 2082 2083 2086 2087 8080 8443 8880

80 / tcp

1823992256 | 2025-03-24T18:17:32.220805

Hashes

hash

-1522692560

http.dom_hash

141679194

http.html_hash

1823992256

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Mon, 24 Mar 2025 18:17:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 92582a785e3d661c-AMS

443 / tcp

645570832 | 2025-03-24T21:44:20.788102

Hashes

hash

799343306

http.dom_hash

1740582101

http.favicon.hash

-179711502

http.html_hash

645570832

http.server_hash

958142897

http.title_hash

-327732120

Genesis Connected Solutions

HTTP/1.1 200 OK
Date: Mon, 24 Mar 2025 21:44:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: wp_woocommerce_session_58ab32d3852f31bc0865a23cdd1745a3=349d7115ea076f3a83cd3e0421e237c1%7C%7C1743025460%7C%7C1743021860%7C%7C2d41c18ccd126548eb6992efa1d6cdbd; expires=Wed, 26-Mar-2025 21:44:20 GMT; Max-Age=172800; path=/
Set-Cookie: yith_ywraq_session_58ab32d3852f31bc0865a23cdd1745a3=04eebc94beb9157c5ee7dfe36ab57116%7C%7C1743025460%7C%7C1743021860%7C%7Cac16ff610de616a84e2296fa6a7185c0; expires=Wed, 26-Mar-2025 21:44:20 GMT; Max-Age=172800; path=/
Link: <https://genesis-connected.com/wp-json/>; rel="https://api.w.org/"
Link: <https://genesis-connected.com/>; rel=shortlink
Vary: Accept-Encoding
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vz3fLvbZUDMhc8ljjoOiDlYLWjKE90xNQTuV%2BMJeFddvmLJ2GVw40BNtrFIja6KJwlpgvXpqcCu4OBOglc60Ps47tPo%2BqUPsDZ1iiV4pfDCd3brE50P7cZm39ot%2FJW8WjubEheuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 92595966986cfa3e-SJC
server-timing: cfL4;desc="?proto=TCP&rtt=1272&min_rtt=1255&rtt_var=367&sent=5&recv=7&lost=0&retrans=0&sent_bytes=3026&recv_bytes=938&delivery_rate=2303898&cwnd=237&unsent_bytes=0&cid=a43b868fc88d336e&ts=510&x=0"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:31:97:ee:10:21:2f:ee:0e:61:70:43:2b:00:72:58
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Google Trust Services, CN=WE1
        Validity
            Not Before: Mar 17 22:35:02 2025 GMT
            Not After : Jun 15 23:34:58 2025 GMT
        Subject: CN=genesis-connected.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:d8:5a:e7:ac:cd:20:15:e1:d5:1f:d7:65:7d:7a:
                    83:94:08:bc:6d:3b:70:c2:d5:28:98:74:d2:02:ae:
                    1d:09:33:33:46:9d:ed:2f:cc:0a:3a:70:9b:6e:ef:
                    28:cc:b0:83:a6:77:b4:ae:8d:87:61:51:a6:46:a9:
                    28:53:dc:d5:9d
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B2:0E:7B:93:F6:81:E7:F3:45:7D:5E:69:E4:A2:94:81:21:02:D1:D4
            X509v3 Authority Key Identifier: 
                90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38
            Authority Information Access: 
                OCSP - URI:http://o.pki.goog/s/we1/YjE
                CA Issuers - URI:http://i.pki.goog/we1.crt
            X509v3 Subject Alternative Name: 
                DNS:genesis-connected.com, DNS:*.genesis-connected.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://c.pki.goog/we1/jQ595FtbPDk.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Mar 17 23:35:02.515 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:23:13:28:68:49:96:0A:01:60:60:97:A2:
                                DA:DA:4E:9D:66:C6:10:81:6A:0C:54:56:D4:46:A3:3F:
                                64:F9:AF:9E:02:21:00:C4:6B:9A:04:70:4E:3D:DA:D3:
                                EF:4D:54:67:98:BD:0C:BD:BE:D1:CF:81:FF:63:1D:5C:
                                CB:B4:9F:4B:2B:DD:85
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Mar 17 23:35:02.853 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:34:1D:A8:91:96:E1:C9:8A:61:7F:E3:E6:
                                BC:1A:0C:9D:66:0C:50:D7:F6:9C:AF:57:70:D7:E6:82:
                                61:E3:84:F5:02:20:19:BA:C8:73:16:0A:B5:FD:14:FB:
                                D2:E0:F5:43:70:65:2A:A1:6C:7F:05:B9:1E:1F:AE:C1:
                                F1:0F:CB:38:0B:68
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:45:02:20:6d:00:66:a5:83:06:ae:07:ef:7d:32:e2:62:e8:
        39:12:97:2f:0c:36:a1:a7:cc:5d:c8:47:f5:ca:a1:0e:31:e9:
        02:21:00:99:76:94:1c:6e:ca:c4:4c:6a:f6:ca:d1:57:52:b8:
        04:a2:f1:8d:b8:b0:80:fa:f0:f9:63:99:d5:f2:f1:cc:38

Vulnerabilities

1 8

2052 / tcp

1197720512 | 2025-03-05T12:46:26.479668

Hashes

hash

-411059176

http.dom_hash

141679194

http.html_hash

1197720512

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Wed, 05 Mar 2025 12:46:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91b9b75779d7e530-DFW

2082 / tcp

603562633 | 2025-03-04T20:50:32.003700

Hashes

hash

-687874411

http.dom_hash

141679194

http.html_hash

603562633

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Tue, 04 Mar 2025 20:50:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91b43f15faefe9e4-LAX

2083 / tcp

141477257 | 2025-03-16T02:37:05.064046

Hashes

hash

-1670842400

http.dom_hash

1678420308

http.html_hash

141477257

http.server_hash

958142897

http.title_hash

-1391280995

400 The plain HTTP request was sent to HTTPS port

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 16 Mar 2025 02:37:05 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

2086 / tcp

-263694738 | 2025-03-24T23:25:36.461711

Hashes

hash

-652765860

http.dom_hash

141679194

http.html_hash

-263694738

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Mon, 24 Mar 2025 23:25:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 9259edbedd2cfb85-AMS

2087 / tcp

-2049847257 | 2025-03-22T18:22:40.032029

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 22 Mar 2025 18:22:40 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

8080 / tcp

1755587234 | 2025-03-07T14:26:13.429085

Hashes

hash

1281197663

http.dom_hash

141679194

http.html_hash

1755587234

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Fri, 07 Mar 2025 14:26:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91cac4417b0593c0-AMS

8443 / tcp

141477257 | 2025-03-24T08:39:08.897150

Hashes

hash

-389621033

http.dom_hash

1678420308

http.html_hash

141477257

http.server_hash

958142897

http.title_hash

-1391280995

400 The plain HTTP request was sent to HTTPS port

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Mon, 24 Mar 2025 08:39:08 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

8880 / tcp

-1057017807 | 2025-03-22T08:33:54.459122

HTTP/1.1 403 Forbidden
Date: Sat, 22 Mar 2025 08:33:54 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 924458cb4e8c3acf-DFW

error code: 1003

172.67.97.67

Last Seen: 2025-03-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1823992256 | 2025-03-24T18:17:32.220805

Hashes

CloudFlare

443 / tcp

645570832 | 2025-03-24T21:44:20.788102

Hashes

2052 / tcp

1197720512 | 2025-03-05T12:46:26.479668

Hashes

2082 / tcp

603562633 | 2025-03-04T20:50:32.003700

Hashes

2083 / tcp

141477257 | 2025-03-16T02:37:05.064046

Hashes

2086 / tcp

-263694738 | 2025-03-24T23:25:36.461711

Hashes

2087 / tcp

-2049847257 | 2025-03-22T18:22:40.032029

8080 / tcp

1755587234 | 2025-03-07T14:26:13.429085

Hashes

CloudFlare

8443 / tcp

141477257 | 2025-03-24T08:39:08.897150

Hashes

CloudFlare

8880 / tcp

-1057017807 | 2025-03-22T08:33:54.459122

Products

Pricing

Contact Us

172.67.97.67

Last Seen: 2025-03-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 1823992256 | 2025-03-24T18:17:32.220805

Hashes

CloudFlare

443 / tcp 645570832 | 2025-03-24T21:44:20.788102

Hashes

2052 / tcp 1197720512 | 2025-03-05T12:46:26.479668

Hashes

2082 / tcp 603562633 | 2025-03-04T20:50:32.003700

Hashes

2083 / tcp 141477257 | 2025-03-16T02:37:05.064046

Hashes

2086 / tcp -263694738 | 2025-03-24T23:25:36.461711

Hashes

2087 / tcp -2049847257 | 2025-03-22T18:22:40.032029

8080 / tcp 1755587234 | 2025-03-07T14:26:13.429085

Hashes

CloudFlare

8443 / tcp 141477257 | 2025-03-24T08:39:08.897150

Hashes

CloudFlare

8880 / tcp -1057017807 | 2025-03-22T08:33:54.459122

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1823992256 | 2025-03-24T18:17:32.220805

443 / tcp

645570832 | 2025-03-24T21:44:20.788102

2052 / tcp

1197720512 | 2025-03-05T12:46:26.479668

2082 / tcp

603562633 | 2025-03-04T20:50:32.003700

2083 / tcp

141477257 | 2025-03-16T02:37:05.064046

2086 / tcp

-263694738 | 2025-03-24T23:25:36.461711

2087 / tcp

-2049847257 | 2025-03-22T18:22:40.032029

8080 / tcp

1755587234 | 2025-03-07T14:26:13.429085

8443 / tcp

141477257 | 2025-03-24T08:39:08.897150

8880 / tcp

-1057017807 | 2025-03-22T08:33:54.459122