GeneralInformation

Hostnames	buydig.com api.buydig.com static.buydig.com thereal.buydig.com trk.buydig.com www.buydig.com
Domains	buydig.com
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

Analytics

Documentation

Issue trackers

JavaScript libraries

Live chat

Marketing automation

Reviews

Security

Tag managers

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

OpenPorts

80 443

-1903558660 | 2024-05-11T22:52:25.983789

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Sat, 11 May 2024 22:52:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 11 May 2024 23:52:25 GMT
Location: https://thereal.buydig.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8825bd433901176d-SJC

-1949075219 | 2024-05-12T04:36:43.828338

443 / tcp

HTTP/1.1 200 OK
Date: Sun, 12 May 2024 04:36:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
vary: Accept-Encoding
x-backend-node: buydig-prod
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-cache-backend: MISS
x-cache-backend-hits: 0
x-cache-backend-node: ingress-varnish-6c7c6fc645-4shmc
backend-age: 0
accept-ranges: bytes
x-modsec-node: httpd-modsec-xqb4r
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8827b5978ebf1583-SJC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:1e:32:94:ab:fa:79:ee:1a:04:0e:a9:35:7c:27:ad:c1:5f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 25 09:00:20 2024 GMT
            Not After : Jul 24 09:00:19 2024 GMT
        Subject: CN=www.buydig.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c1:96:a0:3b:63:c7:30:a6:77:4f:7f:cc:5b:49:
                    21:fe:61:56:80:ac:d9:e0:33:71:d6:9d:77:7f:35:
                    85:ea:12:89:ba:eb:8c:ed:9e:29:06:5b:d8:f3:a2:
                    46:3c:96:fc:4a:63:05:d3:4a:98:b7:13:04:1e:d4:
                    b7:bf:30:a8:dc:fc:58:af:59:7e:93:67:a7:1b:d4:
                    d6:88:c1:db:6c:22:f2:76:aa:35:d4:61:05:09:bb:
                    f6:b2:58:4c:88:4e:4c:6e:f7:d2:94:96:42:f1:df:
                    23:be:73:ce:ff:42:ba:c3:23:d7:ab:af:57:a4:91:
                    9b:9f:36:f7:52:9c:6b:81:d7:ad:39:ea:7e:19:7d:
                    ec:24:b8:fb:3f:c5:06:4d:89:37:4a:39:05:9e:2a:
                    ce:86:63:09:10:2c:78:df:01:d2:9c:b0:19:1b:ec:
                    b0:47:04:2d:61:3c:c7:70:06:fb:e1:8a:92:40:ed:
                    29:d5:ed:4f:e1:35:4b:68:58:32:29:c4:e3:4b:49:
                    ef:da:64:b8:89:4e:3f:12:84:64:2b:01:56:e9:3d:
                    b5:f3:99:88:21:db:ca:49:09:b1:ba:b6:83:2a:d7:
                    fe:7d:4d:65:75:5e:12:56:ca:8c:0f:92:3a:46:52:
                    cf:26:98:67:41:72:49:8b:34:5b:bb:4f:e3:be:60:
                    70:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                43:F3:0C:66:21:6B:3F:2F:CC:C9:6C:AB:C1:4A:BE:7C:1E:53:D4:20
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.buydig.com, DNS:buydig.com, DNS:static.buydig.com, DNS:thereal.buydig.com, DNS:trk.buydig.com, DNS:www.buydig.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 25 10:00:20.378 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:08:20:F9:4A:CB:5B:1F:7A:4B:AC:29:6C:
                                F0:5F:31:08:BB:D2:E9:37:1C:00:70:9F:07:7A:C9:A3:
                                E8:BD:D6:E3:02:21:00:B0:28:FC:C4:BE:73:BC:FA:CB:
                                CA:A3:6A:DE:E7:41:5B:5C:00:03:56:75:2C:D9:55:19:
                                66:41:0E:E4:AC:CE:FC
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 25 10:00:20.401 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B6:50:06:89:27:9B:04:94:BF:1C:35:
                                37:DA:0E:3C:96:1B:47:39:D1:0A:EE:2E:3D:0E:6C:9D:
                                BD:A9:2E:C6:33:02:21:00:F1:8A:49:9F:2F:A7:17:F9:
                                C1:BC:FF:44:55:B5:80:7E:2E:3A:A6:F5:2C:61:9A:CE:
                                F1:36:EB:55:FC:71:04:F8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        91:0b:27:bc:63:b2:01:8e:cd:ae:af:2a:ca:d2:2a:7e:97:f3:
        cd:46:90:a6:54:c7:1c:5e:3e:bc:4e:45:b7:5a:8a:10:cc:08:
        9f:c8:f9:86:df:b4:71:eb:b8:9f:fa:b3:26:f4:ac:fd:67:df:
        85:e0:20:ab:33:d5:d3:e6:64:3c:1c:06:89:56:6c:8f:29:3e:
        0a:c4:09:97:77:1b:b6:de:23:15:eb:25:2c:f7:de:58:87:12:
        6e:c3:b6:ad:ae:88:d7:98:65:f3:22:65:b8:56:fb:74:d9:92:
        c8:7c:5d:93:66:e7:7b:3c:5e:07:4c:48:7d:0b:f9:05:91:1a:
        31:e9:b2:9f:ee:df:5b:2b:d8:f2:f9:0f:a3:64:be:ab:ac:45:
        ee:b7:75:97:85:26:b5:be:66:f8:0d:11:10:1c:29:12:55:73:
        3d:ef:d9:6c:73:cf:39:20:24:c1:31:27:4d:ca:98:d7:bc:f7:
        a8:1f:47:35:dd:da:77:84:57:a4:f0:7b:99:84:61:55:09:0f:
        2d:71:af:c5:fb:37:a0:ad:46:83:24:85:bc:a1:e3:d2:64:6f:
        0d:d5:0e:f2:a7:69:7a:8a:1d:cd:30:1c:75:2f:90:4f:70:03:
        b9:fa:57:30:79:de:0f:f4:38:f0:ea:c6:9a:d5:38:05:9e:e7:
        46:4a:77:64

2606:4700:10::6816:1a8c

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1903558660 | 2024-05-11T22:52:25.983789
80 / tcp

-1949075219 | 2024-05-12T04:36:43.828338
443 / tcp

Products

Pricing

Contact Us

2606:4700:10::6816:1a8c

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1903558660 | 2024-05-11T22:52:25.983789 80 / tcp

-1949075219 | 2024-05-12T04:36:43.828338 443 / tcp

Products

Pricing

Contact Us

-1903558660 | 2024-05-11T22:52:25.983789
80 / tcp

-1949075219 | 2024-05-12T04:36:43.828338
443 / tcp