GeneralInformation

Hostnames	annapolisinternalmedicine.com
Domains	annapolisinternalmedicine.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

JavaScript frameworks

JavaScript libraries

Miscellaneous

Page builders

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2014-6071	4.3jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

80 443 2082 2083 2086 2087 2096 8080 8443 8880

840468400 | 2024-04-03T17:38:17.301172

80 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 03 Apr 2024 17:38:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86ead4d9abe451f5-DEN

-1337072228 | 2024-04-18T02:54:30.093357

443 / tcp

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 02:54:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Server: WEB15
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmfi2d7Qr9etE0q9epc%2B8%2FuUnNg1WYDrcUPQRhAJ4LNOb1TmZe98CDjDxpLG03j%2FSKdRQeEsa5WtFwG6%2BaI2oNr%2FS6nMj2GDIcor5PlxzNWvKZRIa1waDAWfIDhiKyCUF2ncygagQ%2FslZ0RUOOyQXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87615edc4fea255a-SJC
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:a2:0d:e8:b3:65:bc:09:13:87:e8:12:bf:d3:9f:e2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: Mar 28 19:19:16 2024 GMT
            Not After : Jun 26 19:19:15 2024 GMT
        Subject: CN=annapolisinternalmedicine.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cd:69:77:e2:e7:94:8b:e5:e5:13:f4:73:04:c5:
                    d4:4b:03:f0:4a:db:25:e8:1e:b5:81:16:e9:ee:f9:
                    be:4e:db:16:37:32:42:88:c1:da:06:56:57:ca:30:
                    c1:ce:e6:51:fe:05:f0:b6:f4:21:56:10:bf:8e:af:
                    1a:01:e3:30:29:2a:d3:15:23:d3:65:63:36:ed:84:
                    61:af:bd:52:f9:82:95:f7:c6:7c:f3:b6:ee:64:a9:
                    4f:13:72:00:9f:d5:6b:29:e9:9f:b2:cc:5d:93:61:
                    00:61:d0:71:4d:c1:53:67:d5:1e:ff:4f:dc:37:45:
                    22:94:c9:f6:19:a7:bd:34:6d:91:97:08:33:f4:54:
                    17:e3:0e:4f:4f:9a:d0:77:78:e2:ce:a5:d6:dd:43:
                    13:0d:27:f9:d4:ca:8a:8c:cb:e0:08:d2:ce:72:42:
                    6c:c3:ba:cb:0e:87:96:04:e7:f0:ae:af:02:cb:8f:
                    51:48:48:30:9c:fd:b3:53:70:23:4a:77:2f:00:2c:
                    54:61:a5:eb:0e:76:88:01:a8:ba:d6:9c:03:f7:f7:
                    7b:ac:20:cb:ff:dd:bd:d2:ca:b6:bb:01:c6:67:78:
                    42:53:41:ba:bb:a4:ad:ef:75:51:f0:fd:6f:e5:bb:
                    9e:7a:f6:42:0a:09:72:b4:7d:2f:8a:57:28:13:16:
                    3b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                F6:7F:8E:58:49:81:84:5A:23:B2:5D:A0:C9:DD:09:03:5C:9D:0F:2B
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/1-kkFBaHgR0
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:annapolisinternalmedicine.com, DNS:*.annapolisinternalmedicine.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/67pKTmta1-c.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 28 20:19:16.901 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:29:4E:AC:33:F9:56:3C:87:6E:6E:0F:FA:
                                37:02:B7:5B:74:CA:3C:0F:92:B0:B6:5B:F2:F0:29:0C:
                                E8:1A:E5:A4:02:21:00:DE:F9:B7:A4:F1:54:48:37:37:
                                AB:94:9E:49:70:25:A8:8F:6E:B8:29:AC:45:56:5D:71:
                                61:AA:BF:2C:DD:DB:5B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 28 20:19:16.936 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6C:70:4C:01:F5:45:E6:C9:A3:47:E3:0A:
                                3C:5B:8C:E4:A3:FA:E7:2A:1A:CD:96:51:4B:7C:D7:2B:
                                5A:5E:5F:EF:02:20:7B:A8:33:89:C8:DA:4D:A4:31:CA:
                                93:F9:58:CE:82:5B:6A:2B:8A:93:B1:1F:9F:F7:72:2C:
                                07:8C:EF:4F:60:51
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        08:9b:b0:1b:c5:c5:06:96:fd:c0:ee:2a:ad:20:52:c3:b0:d9:
        25:d1:5f:c9:b2:3c:99:51:f1:45:a2:0f:aa:f3:d0:f1:ca:55:
        e6:94:e1:57:ee:f3:20:90:84:c9:19:89:32:4f:eb:89:ae:de:
        24:68:86:79:48:77:62:ad:01:1c:7d:a8:48:49:bf:85:52:76:
        d5:92:7b:b2:ba:42:5d:b7:c3:70:43:ca:8b:81:d1:ad:8d:38:
        22:a7:a4:52:72:b0:0f:fd:c3:dc:ad:3f:4d:d1:01:00:12:e1:
        53:3a:5a:9a:6e:0a:69:9d:84:1f:f8:ca:a1:17:ed:97:6a:41:
        37:ba:4c:1d:ec:3f:44:6f:77:4b:b7:a5:9a:52:7c:21:26:76:
        f8:90:09:fb:f3:13:69:d6:50:e7:cf:96:8c:b6:05:0a:03:cd:
        8e:22:4a:a3:5d:ff:f9:d7:9c:d4:68:23:86:2a:82:9d:13:fb:
        48:88:ba:23:87:aa:a1:7c:51:e3:ac:9b:24:66:06:e3:d8:d6:
        e7:7b:2a:c9:79:92:68:3d:7f:e1:23:3c:0c:9c:27:1c:4e:39:
        2d:e8:06:5c:7b:21:dd:1a:9a:1d:29:9f:3a:f1:d1:9d:7f:f5:
        21:69:f9:aa:0d:06:46:a4:0b:d5:c6:9b:69:8a:da:8b:24:c1:
        89:7a:5d:4f

301645486 | 2024-04-05T16:36:46.802148

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 05 Apr 2024 16:36:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86faf5802db77ede-LAX

141477257 | 2024-04-14T12:00:31.783803

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 14 Apr 2024 12:00:31 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

1455073657 | 2024-04-14T11:32:45.769291

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 14 Apr 2024 11:32:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87436088fb43e587-DFW

141477257 | 2024-04-19T08:50:38.772557

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 19 Apr 2024 08:50:38 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

141477257 | 2024-04-12T01:50:22.235556

2096 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 12 Apr 2024 01:50:22 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

-1589720764 | 2024-04-14T22:36:15.301667

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 14 Apr 2024 22:36:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87472c739e345b94-VIE

141477257 | 2024-04-01T03:15:20.815668

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Mon, 01 Apr 2024 03:15:20 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

1315552513 | 2024-04-14T01:52:21.939128

8880 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 14 Apr 2024 01:52:21 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 87400e591a8e66ca-AMS

error code: 1003

172.67.136.215

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

840468400 | 2024-04-03T17:38:17.301172
80 / tcp

CloudFlare

-1337072228 | 2024-04-18T02:54:30.093357
443 / tcp

301645486 | 2024-04-05T16:36:46.802148
2082 / tcp

141477257 | 2024-04-14T12:00:31.783803
2083 / tcp

1455073657 | 2024-04-14T11:32:45.769291
2086 / tcp

141477257 | 2024-04-19T08:50:38.772557
2087 / tcp

141477257 | 2024-04-12T01:50:22.235556
2096 / tcp

-1589720764 | 2024-04-14T22:36:15.301667
8080 / tcp

CloudFlare

141477257 | 2024-04-01T03:15:20.815668
8443 / tcp

CloudFlare

1315552513 | 2024-04-14T01:52:21.939128
8880 / tcp

Products

Pricing

Contact Us

172.67.136.215

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

840468400 | 2024-04-03T17:38:17.301172 80 / tcp

CloudFlare

-1337072228 | 2024-04-18T02:54:30.093357 443 / tcp

301645486 | 2024-04-05T16:36:46.802148 2082 / tcp

141477257 | 2024-04-14T12:00:31.783803 2083 / tcp

1455073657 | 2024-04-14T11:32:45.769291 2086 / tcp

141477257 | 2024-04-19T08:50:38.772557 2087 / tcp

141477257 | 2024-04-12T01:50:22.235556 2096 / tcp

-1589720764 | 2024-04-14T22:36:15.301667 8080 / tcp

CloudFlare

141477257 | 2024-04-01T03:15:20.815668 8443 / tcp

CloudFlare

1315552513 | 2024-04-14T01:52:21.939128 8880 / tcp

Products

Pricing

Contact Us

840468400 | 2024-04-03T17:38:17.301172
80 / tcp

-1337072228 | 2024-04-18T02:54:30.093357
443 / tcp

301645486 | 2024-04-05T16:36:46.802148
2082 / tcp

141477257 | 2024-04-14T12:00:31.783803
2083 / tcp

1455073657 | 2024-04-14T11:32:45.769291
2086 / tcp

141477257 | 2024-04-19T08:50:38.772557
2087 / tcp

141477257 | 2024-04-12T01:50:22.235556
2096 / tcp

-1589720764 | 2024-04-14T22:36:15.301667
8080 / tcp

141477257 | 2024-04-01T03:15:20.815668
8443 / tcp

1315552513 | 2024-04-14T01:52:21.939128
8880 / tcp