Reported vulnerability on Access Denied page

We’re using Kinsta https://kinsta.com as a host for our site which in turn utilizes Cloudflare.

We also use Detectify https://detectify.com to scan for vulnerabilities on our site and on http://site.com:8080 it reports that
https://performance.radar.cloudflare.com/beacon.js is missing an integrity check.

  • What does beacon.js in this case do?
  • What does port 8080 do?
  • Is this something to be concerned about in terms of security risks?
  • Is it possible to add an integrity attribute to this script somehow?

I don’t think I can answer this with any certainty, but I would assume it measures some data from the browser and reports it back to Cloudflare. Could be related to their radar.cloudflare.com monitoring service given the URL.

Port 8080 is one of the HTTP ports supported by Cloudflare. I do not know why Kinsta’s web servers would be using it, that may be a question better aimed at them.

Not really. That script appearing on the access denied page is normal and has been seen multiple times before.

I doubt it.