GeneralInformation

Hostnames	bhollandlawfirm.com
Domains	bhollandlawfirm.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

CDN

JavaScript libraries

Miscellaneous

Tag managers

Video players

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

80 443 2052 2082 2083 2086 2087 8080 8443 8880

1338823983 | 2024-04-26T19:42:59.460982

80 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 19:42:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a90f245d2c08f6-LAX

-314656590 | 2024-05-01T05:40:58.110291

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 01 May 2024 05:40:54 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Set-Cookie: CFID=Z48wvvc8a21o9dislq50j3r0ujl93acgic6ip9jcccaq2mkawa7-157134020; Domain=.bhollandlawfirm.com; Expires=Fri, 24-Apr-2054 05:40:54 GMT; Path=/; HttpOnly
Set-Cookie: CFTOKEN=Z48wvvc8a21o9dislq50j3r0ujl93acgic6ip9jcccaq2mkawa7-58ac80b61247959d-FAB36F4F-CC98-B342-90EE69C5B1FEB6A4; Domain=.bhollandlawfirm.com; Expires=Fri, 24-Apr-2054 05:40:54 GMT; Path=/; HttpOnly
Set-Cookie: ONSERVER=118%2DA; Path=/
Set-Cookie: EX_HTTP_REFERER=""; Path=/
Set-Cookie: ENTRY_TEMPLATE=www%2Ebhollandlawfirm%2Ecom%2F; Path=/
X-Powered-By: DSS
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVTKNy%2BV3tnQwlaBlCIj8zu1Ho7sig0P4oyGUoct8aRPBI5UfAz75b7qtuZecqS6US9Tl7QAU4f%2BfKBFDmDtGKarHCBtc%2FjAjZ124zwnL99%2ByxYeS6J6kciLS70STTOAToraDahjFvXTfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=0; preload
Server: cloudflare
CF-RAY: 87cd707dff0e17e0-SJC
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:da:a6:6c:54:96:b0:6e:95:7b:fc:8b:52:92:d3:b8:6d:1a
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E1
        Validity
            Not Before: Apr 24 09:58:18 2024 GMT
            Not After : Jul 23 09:58:17 2024 GMT
        Subject: CN=bhollandlawfirm.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:87:92:8b:a7:5b:50:4f:80:4c:d9:39:c3:15:9a:
                    69:ca:50:4d:fb:26:bd:e1:0f:00:8d:df:6e:5c:65:
                    59:5b:61:57:9b:4d:40:34:5c:93:67:7c:98:73:1c:
                    3a:81:64:e7:2a:a9:9f:a3:04:19:d0:48:41:3a:d5:
                    31:1b:8c:13:1a
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                64:16:17:A1:CF:7A:8E:A0:03:8E:05:5E:FA:AF:B3:7C:BD:D8:A0:07
            X509v3 Authority Key Identifier: 
                5A:F3:ED:2B:FC:36:C2:37:79:B9:52:30:EA:54:6F:CF:55:CB:2E:AC
            Authority Information Access: 
                OCSP - URI:http://e1.o.lencr.org
                CA Issuers - URI:http://e1.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.bhollandlawfirm.com, DNS:bhollandlawfirm.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 24 10:58:18.353 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:21:4F:79:C4:93:F6:D7:90:6B:01:9D:2E:
                                57:BA:C6:87:F2:88:C5:92:A5:C0:5A:63:03:48:72:A1:
                                16:59:A8:E4:02:20:4D:FC:AB:87:A6:51:BD:C3:01:6F:
                                08:B2:11:18:70:EB:02:A8:2D:8B:0A:3D:50:41:5E:3E:
                                9F:09:FD:06:8F:CB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 24 10:58:18.543 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:52:B7:EB:71:71:42:5B:D4:53:B9:B4:E1:
                                C6:67:93:08:CD:AF:2F:03:81:6F:B0:4F:EF:27:13:78:
                                83:5C:ED:B3:02:20:04:85:ED:2E:72:21:DC:C3:60:39:
                                4E:34:2F:B3:A3:95:28:F2:2E:6B:4F:E6:40:6F:1B:2B:
                                A7:E8:9D:CA:1A:F9
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:66:02:31:00:eb:ad:e1:d7:6e:e7:dd:37:91:48:b8:43:95:
        08:5b:ea:88:6a:f9:a4:08:17:44:d6:e2:83:19:a3:68:4d:49:
        57:92:04:de:27:a5:6c:d0:7b:7e:1f:5b:5d:67:35:c9:15:02:
        31:00:ae:1b:1d:96:db:97:d4:4e:74:2d:fe:c9:94:f4:f0:20:
        cb:d3:98:85:bb:00:cc:cb:5b:46:b4:c2:af:b9:7b:94:cd:94:
        b3:46:73:cd:bf:2c:6c:e9:72:9b:9c:fc:f6:75

228141129 | 2024-04-03T18:03:43.133678

2052 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 03 Apr 2024 18:03:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86eafa1a8bc3b933-AMS

632424584 | 2024-04-26T02:25:20.551407

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 02:25:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a31f275cac4696-DFW

141477257 | 2024-04-30T17:16:51.618618

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 30 Apr 2024 17:16:51 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1909616664 | 2024-04-24T18:58:14.310279

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 18:58:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879852d76d8d7bc5-LAX

-934880551 | 2024-04-30T09:23:08.957136

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 30 Apr 2024 09:23:08 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

-1426206951 | 2024-04-24T09:10:56.984097

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 09:10:56 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8794f68e1baf96e5-AMS

141477257 | 2024-04-26T06:01:18.445115

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 26 Apr 2024 06:01:18 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1257300506 | 2024-04-29T03:22:08.829025

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Mon, 29 Apr 2024 03:22:08 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 87bc2a7cbb25db9a-LAX

error code: 1003

104.21.72.251

Last Seen: 2024-05-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1338823983 | 2024-04-26T19:42:59.460982
80 / tcp

CloudFlare

-314656590 | 2024-05-01T05:40:58.110291
443 / tcp

228141129 | 2024-04-03T18:03:43.133678
2052 / tcp

632424584 | 2024-04-26T02:25:20.551407
2082 / tcp

141477257 | 2024-04-30T17:16:51.618618
2083 / tcp

-1909616664 | 2024-04-24T18:58:14.310279
2086 / tcp

-934880551 | 2024-04-30T09:23:08.957136
2087 / tcp

-1426206951 | 2024-04-24T09:10:56.984097
8080 / tcp

CloudFlare

141477257 | 2024-04-26T06:01:18.445115
8443 / tcp

CloudFlare

-1257300506 | 2024-04-29T03:22:08.829025
8880 / tcp

Products

Pricing

Contact Us

104.21.72.251

Last Seen: 2024-05-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1338823983 | 2024-04-26T19:42:59.460982 80 / tcp

CloudFlare

-314656590 | 2024-05-01T05:40:58.110291 443 / tcp

228141129 | 2024-04-03T18:03:43.133678 2052 / tcp

632424584 | 2024-04-26T02:25:20.551407 2082 / tcp

141477257 | 2024-04-30T17:16:51.618618 2083 / tcp

-1909616664 | 2024-04-24T18:58:14.310279 2086 / tcp

-934880551 | 2024-04-30T09:23:08.957136 2087 / tcp

-1426206951 | 2024-04-24T09:10:56.984097 8080 / tcp

CloudFlare

141477257 | 2024-04-26T06:01:18.445115 8443 / tcp

CloudFlare

-1257300506 | 2024-04-29T03:22:08.829025 8880 / tcp

Products

Pricing

Contact Us

1338823983 | 2024-04-26T19:42:59.460982
80 / tcp

-314656590 | 2024-05-01T05:40:58.110291
443 / tcp

228141129 | 2024-04-03T18:03:43.133678
2052 / tcp

632424584 | 2024-04-26T02:25:20.551407
2082 / tcp

141477257 | 2024-04-30T17:16:51.618618
2083 / tcp

-1909616664 | 2024-04-24T18:58:14.310279
2086 / tcp

-934880551 | 2024-04-30T09:23:08.957136
2087 / tcp

-1426206951 | 2024-04-24T09:10:56.984097
8080 / tcp

141477257 | 2024-04-26T06:01:18.445115
8443 / tcp

-1257300506 | 2024-04-29T03:22:08.829025
8880 / tcp