GeneralInformation

Hostnames	mapilab.ru
Domains	mapilab.ru
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

JavaScript libraries

jQuery1.8.2

Miscellaneous

HTTP/3

Tag managers

Google Tag Manager

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

80 443 2052 2053 2082 2083 2086 2087 2095 8080 8443

1620729894 | 2024-04-27T03:12:38.021824

80 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 27 Apr 2024 03:12:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aba1cd8dfb0e86-AMS

-745057549 | 2024-05-01T02:39:21.217408

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 01 May 2024 02:34:37 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=j6e1tb6ou96sjkesuua0ns2sn0; path=/; domain=mapilab.ru
Set-Cookie: MAPILAB_GUEST_ID=59773984; expires=Sat, 26-Apr-2025 02:34:37 GMT; path=/; domain=mapilab.ru
Set-Cookie: MAPILAB_LAST_VISIT=01.05.2024+02%3A34%3A37; expires=Sat, 26-Apr-2025 02:34:37 GMT; path=/; domain=mapilab.ru
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
B-Powered-By: Bitrix SM/4.1.6 (6e40b78e840b8663f89df46ecbbc0ec3)
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Sel7vImyg7W%2FBdWWIKkjh%2FwcLtKuErbaCq2VXRBedQyIacLwBcgAyd1%2FtiL6yuEu93z9ivXQDLX20sAu6S5YxOvnKMIL%2Fm5N23L74F2C0i1ZtC4r2H0dySuTGnquc65rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87cc5f9eb8bc0fcd-LAX
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:56:56:e8:95:5d:29:a8:13:19:06:17:06:70:3f:70
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5
        Validity
            Not Before: Mar 27 03:04:00 2024 GMT
            Not After : Jun 25 03:03:59 2024 GMT
        Subject: CN=mapilab.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a1:16:e5:5d:68:18:88:b9:1b:f3:c6:05:52:0a:
                    b0:24:87:bb:3a:c4:45:d3:e3:10:aa:93:37:1b:ec:
                    17:e1:70:02:79:e7:14:f8:ac:ee:71:d9:bf:7f:2c:
                    41:8e:bb:6a:b8:e1:9a:d9:84:00:da:52:bf:a6:db:
                    9b:5c:65:c6:eb:c6:1c:c5:5e:71:72:65:d0:a9:80:
                    8b:31:2c:04:d7:cb:a3:78:f8:f8:bc:bd:ef:e4:b7:
                    3b:ba:45:b3:5e:02:92:f8:f0:a9:bb:ea:49:92:5b:
                    95:cf:43:0f:a3:ef:b3:38:e8:f8:35:3a:a0:3d:07:
                    3d:a2:5c:ce:a7:20:29:a6:ce:60:8a:a3:ce:ca:e3:
                    77:ef:0b:89:33:18:86:8b:3a:14:80:e0:fb:66:be:
                    21:82:61:a2:d1:8c:01:be:cc:b3:8e:c3:ff:5c:57:
                    24:88:c1:18:70:76:13:a8:e7:e5:26:e0:86:24:5d:
                    c8:29:0c:c4:c9:6c:a4:ec:d0:9d:8a:f6:c8:12:58:
                    2b:65:dc:b2:ec:82:5c:e1:9f:7b:a5:9a:4f:16:7b:
                    e2:66:0c:6b:f5:fb:92:f0:ba:9c:f3:aa:9d:1c:63:
                    27:93:f2:5d:d7:82:af:a2:21:f1:2c:18:03:9f:b0:
                    fd:1d:0a:2d:75:9b:2e:cd:b6:c5:f0:80:61:70:2f:
                    7a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                4E:17:A4:5E:FA:A2:62:A9:38:0C:F9:66:66:D5:DF:79:20:FA:50:12
            X509v3 Authority Key Identifier: 
                D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8
            Authority Information Access: 
                OCSP - URI:http://ocsp.pki.goog/s/gts1p5/O9Gof7tBpmU
                CA Issuers - URI:http://pki.goog/repo/certs/gts1p5.der
            X509v3 Subject Alternative Name: 
                DNS:mapilab.ru, DNS:*.mapilab.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.11129.2.5.3
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crls.pki.goog/gts1p5/JOlX_AogZuA.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 27 04:04:00.981 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E3:67:77:1E:61:10:03:D6:DB:7B:FF:
                                F7:36:4E:4B:28:1F:C5:8C:A2:BF:4F:23:AD:4B:AD:FF:
                                6D:8E:36:0B:AC:02:21:00:CC:08:A3:11:9F:A4:62:D6:
                                93:D7:EB:AE:FD:93:EB:C4:CE:DE:2E:B3:38:20:F2:16:
                                38:C5:8D:7E:84:34:01:63
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Mar 27 04:04:01.041 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:53:64:77:72:36:32:DA:3F:16:F0:3C:B7:
                                DB:10:A7:FA:43:51:02:E3:DF:18:73:68:4D:16:A8:B6:
                                26:77:F7:1E:02:21:00:F9:56:A5:4E:1F:1C:79:BC:26:
                                6A:2C:66:BF:C7:29:01:D5:45:5A:31:08:F0:F2:9C:47:
                                A4:75:B4:B3:D5:CF:6E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        11:bd:7a:9d:23:a0:f2:ff:5d:c9:cd:b8:3f:2f:e5:50:02:d0:
        98:e0:ad:9d:12:bd:1b:95:86:c5:a3:c3:dd:54:a7:d7:9b:64:
        e3:3e:f1:8c:79:cc:cb:84:85:d8:60:b7:d7:a5:8c:ce:d4:87:
        ba:b3:b0:8f:e3:0e:93:5c:8a:03:b6:c7:51:64:79:75:70:c7:
        b7:66:0c:77:f6:ef:95:8e:b4:78:1e:95:7c:1a:e0:1d:0f:0a:
        a1:80:d9:17:f0:73:54:ff:85:e2:38:91:51:3a:6e:2a:4f:10:
        97:61:3f:a0:d9:82:d7:47:b7:b7:8e:da:f9:76:5f:11:54:eb:
        52:72:91:85:f2:99:ca:a3:83:d4:a0:dd:aa:3b:14:04:a2:5f:
        32:b1:3a:39:a8:f0:b3:a1:ad:6d:5e:49:65:fa:97:63:43:7d:
        2c:a3:db:40:66:39:1c:a6:ab:e4:bc:e6:57:55:37:ca:0c:a6:
        85:51:49:f3:31:4e:18:fd:cd:8c:23:17:4f:9b:80:0e:8d:15:
        bb:fa:75:ec:0f:c3:fd:e4:e1:59:1d:99:0e:72:18:d5:27:3d:
        66:e3:01:0e:24:3e:f8:7b:92:7b:9a:d0:23:11:87:18:85:9c:
        9c:0a:31:84:c9:0a:4d:36:be:9c:1a:9f:f2:6b:fc:4e:f5:b8:
        40:d6:12:99

1173888671 | 2024-04-25T22:32:42.778710

2052 / tcp

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 22:32:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a1ca6358b614da-LAX

141477257 | 2024-04-02T02:17:59.251334

2053 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 02 Apr 2024 02:17:59 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

361059930 | 2024-05-01T01:44:47.803216

2082 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 01 May 2024 01:44:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87cc16a2b8b46c13-DFW

141477257 | 2024-04-27T04:57:45.098207

2083 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 27 Apr 2024 04:57:45 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

2088038894 | 2024-04-13T10:33:12.999559

2086 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 13 Apr 2024 10:33:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 873acbf01fc22b54-LAX

141477257 | 2024-04-26T08:35:12.154268

2087 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 26 Apr 2024 08:35:12 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

111911575 | 2024-04-24T18:43:37.964548

2095 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 18:43:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87983d72387c0a50-AMS

-1391634434 | 2024-04-28T21:26:59.268427

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 28 Apr 2024 21:26:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ba223c6f042f53-LAX

141477257 | 2024-04-16T05:43:27.544363

8443 / tcp

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 16 Apr 2024 05:43:27 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

172.67.213.210

Last Seen: 2024-05-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1620729894 | 2024-04-27T03:12:38.021824
80 / tcp

CloudFlare

-745057549 | 2024-05-01T02:39:21.217408
443 / tcp

1173888671 | 2024-04-25T22:32:42.778710
2052 / tcp

141477257 | 2024-04-02T02:17:59.251334
2053 / tcp

361059930 | 2024-05-01T01:44:47.803216
2082 / tcp

141477257 | 2024-04-27T04:57:45.098207
2083 / tcp

2088038894 | 2024-04-13T10:33:12.999559
2086 / tcp

141477257 | 2024-04-26T08:35:12.154268
2087 / tcp

111911575 | 2024-04-24T18:43:37.964548
2095 / tcp

-1391634434 | 2024-04-28T21:26:59.268427
8080 / tcp

CloudFlare

141477257 | 2024-04-16T05:43:27.544363
8443 / tcp

CloudFlare

Products

Pricing

Contact Us

172.67.213.210

Last Seen: 2024-05-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1620729894 | 2024-04-27T03:12:38.021824 80 / tcp

CloudFlare

-745057549 | 2024-05-01T02:39:21.217408 443 / tcp

1173888671 | 2024-04-25T22:32:42.778710 2052 / tcp

141477257 | 2024-04-02T02:17:59.251334 2053 / tcp

361059930 | 2024-05-01T01:44:47.803216 2082 / tcp

141477257 | 2024-04-27T04:57:45.098207 2083 / tcp

2088038894 | 2024-04-13T10:33:12.999559 2086 / tcp

141477257 | 2024-04-26T08:35:12.154268 2087 / tcp

111911575 | 2024-04-24T18:43:37.964548 2095 / tcp

-1391634434 | 2024-04-28T21:26:59.268427 8080 / tcp

CloudFlare

141477257 | 2024-04-16T05:43:27.544363 8443 / tcp

CloudFlare

Products

Pricing

Contact Us

1620729894 | 2024-04-27T03:12:38.021824
80 / tcp

-745057549 | 2024-05-01T02:39:21.217408
443 / tcp

1173888671 | 2024-04-25T22:32:42.778710
2052 / tcp

141477257 | 2024-04-02T02:17:59.251334
2053 / tcp

361059930 | 2024-05-01T01:44:47.803216
2082 / tcp

141477257 | 2024-04-27T04:57:45.098207
2083 / tcp

2088038894 | 2024-04-13T10:33:12.999559
2086 / tcp

141477257 | 2024-04-26T08:35:12.154268
2087 / tcp

111911575 | 2024-04-24T18:43:37.964548
2095 / tcp

-1391634434 | 2024-04-28T21:26:59.268427
8080 / tcp

141477257 | 2024-04-16T05:43:27.544363
8443 / tcp