GeneralInformation

Hostnames	eva.cz smtp3.eva.cz
Domains	eva.cz
Country	Czechia
City	Prague
Organization	Valvera s.r.o.
ISP	Valvera s.r.o.
ASN	AS60086

WebTechnologies

Databases

Development

JavaScript libraries

Miscellaneous

Security

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443 8008 8010

550983868 | 2024-05-19T12:26:12.156919

80 / tcp

HTTP/1.1 302 Found
content-length: 0
location: https://185.59.2.10/
cache-control: no-cache

-1488107790 | 2024-05-25T11:29:59.919418

443 / tcp

HTTP/1.1 200 OK
date: Sat, 25 May 2024 11:29:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=qk0bfpe0mgutk1vprmshit5p5g; path=/; secure; HttpOnly
set-cookie: uideca=171663659924556723160136543; expires=Sun, 25-May-2025 11:29:59 GMT; Max-Age=31536000; path=/; domain=www.eva.cz; secure; HttpOnly
set-cookie: abva=1; expires=Sun, 25-May-2025 11:29:59 GMT; Max-Age=31536000; path=/; domain=www.eva.cz; secure; HttpOnly
set-cookie: pushid=3309c9ac81b6fb8e112e4d58aa23dbec1716636599; expires=Sun, 25-May-2025 11:29:59 GMT; Max-Age=31536000; path=/; domain=www.eva.cz; secure; HttpOnly
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=windows-1250
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:31:86:b6:40:af:62:35:10:62:7f:61:d5:a7:76:c3:ba:7f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 27 21:52:56 2024 GMT
            Not After : Jul 26 21:52:55 2024 GMT
        Subject: CN=*.eva.cz
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a6:eb:e9:b3:5d:89:73:58:cf:91:45:15:35:57:
                    77:67:a7:a0:c8:08:c0:3b:b8:a5:9e:7b:83:cf:2a:
                    c7:6a:9d:1f:10:41:29:c6:0b:23:77:78:b6:e2:07:
                    c3:74:d6:bc:bd:ba:79:a0:c3:ae:75:18:54:f5:b8:
                    76:68:cd:e2:40:cf:a2:81:4f:66:3a:ce:91:76:dc:
                    c8:e1:9b:94:dd:69:f8:eb:b4:c6:0f:7e:3c:c9:9e:
                    33:0a:e0:38:1e:a5:9c:f1:0a:b5:54:b0:91:2b:20:
                    0c:35:6f:e1:b1:49:95:b5:37:52:2f:12:17:42:1a:
                    12:ef:93:b0:02:a0:d7:87:e3:0c:4f:be:00:0d:27:
                    2f:9f:33:67:93:e3:11:a5:87:08:7a:1b:d6:c1:ac:
                    18:39:05:00:1e:15:b5:ee:1e:bc:0a:ec:1f:ab:3f:
                    24:95:af:04:20:6b:04:da:3d:b6:a5:6c:67:99:ea:
                    64:d9:72:13:0e:23:f4:27:0f:b4:4c:80:ac:27:5e:
                    bd:9c:19:52:c9:29:15:55:3e:42:3a:b5:2d:c7:c8:
                    5b:8f:a5:53:b6:1b:77:85:db:74:11:34:03:d9:c6:
                    28:8d:da:1b:6d:14:3c:be:ed:b7:46:c2:69:b0:a9:
                    33:08:35:5a:83:32:8d:e7:42:3d:3c:36:86:c1:d4:
                    e5:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BC:2B:5F:B7:7A:0F:06:05:4C:65:0C:CF:54:45:D3:95:4F:1E:67:B8
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.eva.cz, DNS:eva.cz
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 27 22:52:56.384 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5C:73:A2:D4:81:6B:AF:E8:1A:DD:6F:BB:
                                8A:CD:F2:64:E2:38:97:DD:E3:37:37:98:D2:22:6E:E2:
                                B7:A2:1B:71:02:20:2D:DD:3D:B6:32:07:5F:B2:2D:A0:
                                45:C9:84:C7:78:6D:36:9B:3D:C9:AF:AE:4E:EE:91:77:
                                EE:B6:D9:14:AD:D9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 27 22:52:56.461 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:9F:A0:FD:62:0D:B8:B3:DB:9B:69:B1:
                                ED:F5:4E:15:B7:71:8B:E2:E7:11:7C:3F:C4:C7:0E:39:
                                13:CB:A4:75:B7:02:21:00:D6:A6:3E:A3:9D:3B:BF:83:
                                02:19:79:E1:2B:3B:81:0D:BA:EE:EA:22:81:CA:9B:FC:
                                51:7A:7F:AD:E9:C8:AE:75
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:01:73:6c:32:15:2d:fe:32:25:af:aa:98:08:ad:f4:89:fa:
        6c:48:54:65:f7:8c:b3:2f:8e:17:6d:61:61:d6:be:51:1d:0d:
        26:bf:1d:ff:ab:47:36:8f:f5:78:a5:68:bb:17:fe:36:4c:a1:
        df:97:6c:90:ce:2a:4b:b2:c8:eb:ed:16:3b:59:cb:cb:4b:78:
        b5:83:39:d8:ae:b5:6b:a2:4e:6a:7f:e6:3d:c3:15:ed:e8:0e:
        95:ee:93:1d:bb:37:4a:76:6d:d6:18:ee:6c:d8:e8:4d:2d:19:
        2c:d1:30:74:0d:df:85:79:2c:c5:ba:bc:7d:04:9a:01:43:6c:
        b3:cd:ec:78:62:45:07:64:25:47:ad:8c:72:07:eb:eb:5c:8a:
        52:9a:04:89:4e:2a:ff:2d:d1:ea:fb:a0:5a:c7:20:97:50:03:
        df:e3:9b:c9:2f:11:46:70:f7:cc:4f:fa:a1:8e:74:b1:20:8b:
        28:4a:65:80:b6:cc:c8:6d:57:09:ee:5b:df:4c:04:a7:99:06:
        88:42:51:db:1c:83:dc:45:78:d7:4e:8f:95:de:96:b5:56:e6:
        e3:79:37:42:ed:8c:02:54:93:cb:4f:7b:03:2f:f0:99:28:ee:
        9c:fe:c8:8a:8e:d2:e9:20:b2:65:df:70:da:53:fe:1b:99:f4:
        45:7d:38:cd

2091062585 | 2024-05-31T21:01:06.268529

8008 / tcp

HTTP/1.1 302 Found
Location: https://185.59.2.10:8010/
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors

185.59.2.10

Last Seen: 2024-05-31

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

550983868 | 2024-05-19T12:26:12.156919
80 / tcp

-1488107790 | 2024-05-25T11:29:59.919418
443 / tcp

2091062585 | 2024-05-31T21:01:06.268529
8008 / tcp

Products

Pricing

Contact Us

185.59.2.10

Last Seen: 2024-05-31

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

550983868 | 2024-05-19T12:26:12.156919 80 / tcp

-1488107790 | 2024-05-25T11:29:59.919418 443 / tcp

2091062585 | 2024-05-31T21:01:06.268529 8008 / tcp

Products

Pricing

Contact Us

550983868 | 2024-05-19T12:26:12.156919
80 / tcp

-1488107790 | 2024-05-25T11:29:59.919418
443 / tcp

2091062585 | 2024-05-31T21:01:06.268529
8008 / tcp