GeneralInformation

Hostnames	comprestore.cammino.com.br loja.comprestore.com.br
Domains	cammino.com.br comprestore.com.br
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	Clifton
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

Databases

MySQL

Ecommerce

Magentoskin/frontend/

JavaScript frameworks

JavaScript libraries

Programming languages

PHP

Tag managers

Google Tag Manager

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443

864306896 | 2024-05-04T16:10:31.452083

80 / tcp

HTTP/1.1 401 Unauthorized
Date: Sat, 04 May 2024 16:10:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Expect-CT: enforce, max-age=300, report-uri='https://www.cammino.com.br/'
WWW-Authenticate: Basic realm="Password Protected Area"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1

57706870 | 2024-04-17T23:34:15.745515

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 23:34:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Expect-CT: enforce, max-age=300, report-uri='https://www.cammino.com.br/'
Set-Cookie: frontend=qftvsaieqg72hmbnujms5pavv5; expires=Thu, 18-Apr-2024 00:34:14 GMT; Max-Age=3600; path=/; domain=loja.comprestore.com.br; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: frontend_cid=Qxo6FufEjBn1InGW; expires=Thu, 18-Apr-2024 00:34:14 GMT; Max-Age=3600; path=/; domain=loja.comprestore.com.br; secure; httponly
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:8f:2e:62:a3:0a:6d:b3:b4:43:6e:49:56:19:04:9e:05:f0
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 20 23:03:37 2024 GMT
            Not After : Jun 18 23:03:36 2024 GMT
        Subject: CN=loja.comprestore.com.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:7d:7e:04:55:94:aa:c6:cb:fa:2b:00:58:23:
                    02:84:5c:ba:34:3c:bc:08:dc:7a:c6:cb:f1:f5:99:
                    09:38:4d:f0:d7:96:d1:03:79:0e:7e:3d:39:57:9a:
                    1e:35:1d:92:fe:cc:5d:6d:e0:4e:f3:65:6e:9a:36:
                    12:ee:bb:f8:28:d4:62:d0:e7:42:1f:78:4a:ca:8d:
                    c8:9f:4b:4d:74:f6:d4:6b:6b:cb:9f:f0:d8:1d:c9:
                    b7:b0:3d:06:e1:83:0f:64:e5:71:4b:91:60:42:d2:
                    6b:82:c4:d4:16:52:ea:55:ab:02:c7:8f:2c:2c:47:
                    eb:1d:21:5d:a7:58:f6:5a:1f:1c:e4:94:c4:12:16:
                    f4:1b:9a:52:c1:fb:81:f1:d1:b2:4e:88:e6:76:bb:
                    ea:4f:a0:e0:5e:43:15:b7:0c:62:93:69:b3:39:6c:
                    78:d4:59:f5:42:58:9e:66:12:be:3b:3e:c0:4c:9d:
                    70:69:cb:b2:ff:0f:1d:8a:1e:29:48:a2:b5:3a:60:
                    63:9e:d9:8c:a3:a5:45:68:b9:36:85:d9:13:6f:f8:
                    8e:0b:87:e1:f0:2e:54:8f:78:68:42:5f:1a:3e:6f:
                    6b:42:b6:f5:0c:9f:03:e8:0f:5c:6f:a4:89:a5:9a:
                    37:4c:ee:1d:42:bc:ca:c7:10:55:13:6e:72:be:b5:
                    a4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                2C:C6:8E:8F:E0:DA:42:43:58:3A:F1:77:07:E4:C6:73:3B:13:46:51
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:loja.comprestore.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 21 00:03:37.533 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:CB:B2:EC:93:0D:06:11:D1:1D:61:57:
                                B8:0C:1D:F3:B6:47:EE:82:14:D6:84:95:65:ED:3C:AA:
                                B9:F3:78:84:BE:02:21:00:99:D3:C0:B2:72:D9:D8:7A:
                                AB:2E:C3:2D:38:44:CB:91:17:08:1F:23:0A:CB:F6:CF:
                                6D:E3:F1:F8:98:3D:43:95
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 21 00:03:37.545 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C4:33:AD:B9:A3:63:49:5D:2A:88:86:
                                E2:84:4E:5E:69:FC:41:2D:54:5C:C7:B5:D4:75:1D:57:
                                5E:BB:52:48:55:02:21:00:A0:72:CD:53:98:B0:48:A9:
                                A6:EF:15:A5:D3:CD:D6:7E:A4:60:21:D1:69:84:53:0F:
                                12:30:E0:5B:92:03:C2:A4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6f:cd:04:bd:32:43:da:fe:4c:a7:02:4c:ee:43:7a:c1:1d:16:
        19:91:5a:ae:8c:c0:7b:c0:3f:72:19:d7:dd:25:02:b8:7d:df:
        92:50:ed:93:25:4a:36:f9:98:53:16:20:28:79:f4:9f:59:b4:
        47:4b:51:3c:f3:b6:77:88:bc:7b:85:db:f1:1a:27:1d:6a:71:
        23:96:34:00:ee:f8:cf:d5:ec:21:37:8f:18:55:c9:a2:66:98:
        4d:ae:eb:3d:34:3e:b2:26:da:0b:77:8e:1c:cb:95:29:0c:94:
        49:d2:c1:57:ec:6c:33:19:48:52:b4:25:2c:d8:41:e9:10:71:
        63:d0:2f:29:9f:a9:c0:39:4f:2e:29:8b:ad:22:ca:f3:20:ca:
        fc:11:a2:e2:ff:c8:a4:e0:27:03:80:69:16:69:47:b2:ff:39:
        da:e7:66:60:de:41:e7:c1:ff:4e:ae:55:37:97:45:c4:c0:69:
        62:ce:c9:7e:4b:aa:54:fa:ed:16:07:4f:05:2f:fc:d9:a0:c8:
        be:16:65:dd:46:39:ca:e2:ca:bb:05:5c:67:a2:e5:d5:78:0a:
        66:5e:88:9f:56:2d:54:30:b7:8a:d8:d2:19:94:20:01:d8:70:
        ae:80:13:5a:5b:ea:6b:a7:ed:f7:9b:98:5a:3b:8f:cb:00:3f:
        8d:ab:e8:8c

138.197.6.206

Last Seen: 2024-05-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

864306896 | 2024-05-04T16:10:31.452083
80 / tcp

Apache httpd

57706870 | 2024-04-17T23:34:15.745515
443 / tcp

Apache httpd

Products

Pricing

Contact Us

138.197.6.206

Last Seen: 2024-05-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

864306896 | 2024-05-04T16:10:31.452083 80 / tcp

Apache httpd

57706870 | 2024-04-17T23:34:15.745515 443 / tcp

Apache httpd

Products

Pricing

Contact Us

864306896 | 2024-05-04T16:10:31.452083
80 / tcp

57706870 | 2024-04-17T23:34:15.745515
443 / tcp