GeneralInformation

Hostnames	9.10.190.35.bc.googleusercontent.com ozflatmates.com www.ozflatmates.com
Domains	googleusercontent.com ozflatmates.com
Cloud Provider	Google
Cloud Region	global
Country	United States
City	Kansas City
Organization	Google LLC
ISP	Google LLC
ASN	AS15169

WebTechnologies

A/B Testing

OneSignal

Analytics

Google Analytics

CDN

Google Hosted Libraries

JavaScript frameworks

AngularJS1.7.5

JavaScript libraries

jQuery3.6.0

Marketing automation

OneSignal

Programming languages

Ruby

Tag managers

Google Tag Manager

Web frameworks

Ruby on Rails

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-21490

7.5This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

CVE-2024-8373

4.8Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

CVE-2024-8372

4.8Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

2020(1)

CVE-2020-7676

5.4angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

2019(1)

CVE-2019-10768

7.5In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

OpenPorts

80 443

80 / tcp

1584412971 | 2025-03-21T20:02:15.286324

Hashes

hash

-338707026

http.dom_hash

1239617585

http.html_hash

1584412971

http.robots_hash

-731539394

http.server_hash

-1786963686

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Fri, 21 Mar 2025 20:02:14 GMT
Content-Type: text/html
Content-Length: 169
Location: https://ozflatmates.com/
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Via: 1.1 google

Vulnerabilities

443 / tcp

2059733210 | 2025-03-21T20:02:19.427321

Hashes

hash

-251970176

http.dom_hash

1529822891

http.favicon.hash

-655525221

http.html_hash

2059733210

http.robots_hash

-731539394

http.server_hash

1543607293

http.title_hash

-1847770369

Share Accommodation Australia

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Request-Id: d773f873-d8eb-4d39-b4cf-3e1caaf99374
X-Download-Options: noopen
ETag: W/"4492d4ac89c598aa4330e8e36ef8f9b0"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.339723
X-Content-Type-Options: nosniff
Date: Fri, 21 Mar 2025 20:02:19 GMT
Set-Cookie: _ris_session=6hx8eR8fHZ%2Fa51sUWOgfN%2FnvzbUw2LDpNxa3%2BkKp6BH%2FYZK4vUa%2FXlusuuYJGR4TbcGyrvX37CbbJHo04BWMPVsvt0xhWgwe%2BTCon3kcX4oVMcSA44FtvrXE78ZAu2k2gPF%2B1OhjMvKmsenFzE44vGaMFmHzD7DRYHzZYGTzaGqsG93zm38gOQVFZO5TaenP5hQttprTJCg82hAwSTovVFW3IxkG3Nnl%2Bn9sviTQcDCkSpEM39m2yabVzMGOaZynjnyp4X5qD4AzMeJNB0zhbW3CWo4%3D--l09LgOSrZeyTypUP--8E24M5mpVcuKaAAEXnbPtw%3D%3D; path=/; HttpOnly
X-Powered-By: Phusion Passenger(R) 6.0.24
Server: nginx/1.18.0 + Phusion Passenger(R) 6.0.24
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:1c:ca:4a:4c:70:99:86:10:64:2b:d5:68:d5:49:df
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services, CN=WR3
        Validity
            Not Before: Feb  2 19:01:15 2025 GMT
            Not After : May  3 19:56:09 2025 GMT
        Subject: CN=www.ozflatmates.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:96:6d:ab:cf:ed:d8:95:64:47:82:7b:aa:d9:
                    cf:75:a4:09:ab:a1:37:3f:c1:15:37:50:55:a8:f1:
                    46:ed:fd:e1:e7:bf:ff:2a:62:bd:9d:fa:1f:04:40:
                    9a:50:31:b3:f5:2d:82:e2:85:dc:74:82:82:88:b5:
                    97:6a:59:27:76:37:80:4f:4a:fe:60:8d:9a:05:67:
                    fa:92:4b:c5:db:a6:11:0b:81:f3:36:5c:de:0c:87:
                    e8:8d:53:5d:3b:aa:5a:04:33:64:6c:9f:db:a1:2e:
                    47:84:fc:3c:8f:dc:e5:8a:c2:29:d9:65:d0:3f:af:
                    64:ab:c3:17:21:c8:13:74:49:01:4a:48:1f:85:a2:
                    2c:0b:4f:c9:f2:7e:75:7c:ed:19:e5:19:2a:e8:5d:
                    3f:57:06:c4:05:c4:f8:a5:a7:8c:61:60:be:bc:57:
                    80:b3:70:18:70:3b:b3:0f:6d:7f:f6:3d:f4:af:ae:
                    da:0e:70:e5:71:2c:29:76:38:1e:9c:8e:72:63:1a:
                    c5:a7:57:e7:75:a9:ef:d7:76:09:86:08:00:43:ed:
                    59:13:97:5e:17:28:ea:dc:90:0d:6b:3e:a2:0a:61:
                    91:bc:27:cb:63:b2:5d:45:d2:db:c4:fa:48:86:62:
                    dd:c8:f3:2a:31:65:b7:45:68:35:22:14:79:43:9d:
                    5b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                72:68:CF:5F:A4:D0:86:7F:25:44:39:36:FC:8B:C7:0A:A2:0D:8E:A4
            X509v3 Authority Key Identifier: 
                C7:81:F5:FD:8E:88:D9:00:3C:4D:63:A2:50:31:24:A0:CE:23:FE:23
            Authority Information Access: 
                OCSP - URI:http://o.pki.goog/s/wr3/eBw
                CA Issuers - URI:http://i.pki.goog/wr3.crt
            X509v3 Subject Alternative Name: 
                DNS:www.ozflatmates.com, DNS:ozflatmates.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://c.pki.goog/wr3/j4D3Tr5YkBE.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb  2 20:01:16.056 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:19:AA:84:3F:95:4C:D6:B3:11:3D:F1:F0:
                                C2:31:1D:69:B8:1F:F2:0F:39:FA:2D:6A:C5:18:A4:C4:
                                43:92:F0:75:02:20:18:62:6B:88:23:96:F1:9C:11:C4:
                                32:00:43:43:6F:18:B2:3E:39:E4:BF:6F:0C:E0:1F:45:
                                E6:3F:DE:C1:C6:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Feb  2 20:01:16.274 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9A:42:26:D8:47:9E:45:17:6D:B0:B7:
                                2E:67:DD:74:27:A1:29:5E:BE:C5:EB:9F:91:D5:10:EB:
                                E8:58:71:DC:80:02:20:21:F0:C5:D8:B3:89:1C:A6:4D:
                                82:61:20:CE:79:35:0C:C3:8C:1C:07:81:51:57:38:A0:
                                FD:E8:27:7D:98:17:09
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6f:e7:fc:48:0e:6a:9e:05:2a:72:d3:f7:73:90:f2:ad:96:00:
        94:db:78:d3:de:6d:10:4c:13:b5:de:2b:33:bb:3b:36:4e:f0:
        b8:33:48:7d:93:48:8f:08:9f:c6:82:27:ec:6a:05:27:ef:0b:
        6c:f7:d2:df:af:a3:e8:49:33:9a:fa:b4:1c:ab:aa:2b:84:5f:
        89:3c:cb:5e:dd:47:4e:8a:51:ce:ee:30:19:12:f2:0b:cf:c4:
        7b:bb:ee:1b:0c:d8:05:cb:f1:9d:48:6b:a6:ed:58:d7:ef:40:
        b2:06:77:fb:28:68:6b:66:60:8f:6e:b3:e7:4e:cd:64:40:06:
        da:70:e1:a9:3e:79:20:72:79:c1:d6:0a:34:90:b8:6b:38:4f:
        6e:12:2c:0d:d4:f6:24:a6:8e:fc:90:2a:79:c7:62:c8:3b:82:
        73:13:b3:f3:4c:a2:ef:70:ce:c9:f8:f1:30:f5:c5:dd:57:ef:
        59:84:1b:91:28:ae:cd:54:3c:ec:44:74:53:1a:b6:6b:7f:c9:
        be:2a:92:f6:aa:5d:92:8f:fa:48:72:1e:a7:30:7d:b8:d3:4a:
        58:74:2c:b0:e7:39:53:78:4a:0a:7a:d5:40:3b:0f:c6:53:ab:
        53:71:c5:5a:f0:46:0b:1f:81:b7:37:19:34:4c:2d:62:48:7b:
        7b:24:55:ed

Vulnerabilities

5 3

35.190.10.9

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1584412971 | 2025-03-21T20:02:15.286324

Hashes

nginx1.18.0

443 / tcp

2059733210 | 2025-03-21T20:02:19.427321

Hashes

nginx1.18.0

Products

Pricing

Contact Us

35.190.10.9

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp 1584412971 | 2025-03-21T20:02:15.286324

Hashes

nginx1.18.0

443 / tcp 2059733210 | 2025-03-21T20:02:19.427321

Hashes

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1584412971 | 2025-03-21T20:02:15.286324

443 / tcp

2059733210 | 2025-03-21T20:02:19.427321