GeneralInformation

Hostnames	mvsport.com www.mvsport.com
Domains	mvsport.com
Cloud Provider	Azure
Cloud Region	centralus
Cloud Service	AzureCloud
Country	United States
City	Des Moines
Organization	Microsoft Corporation
ISP	Microsoft Corporation
ASN	AS8075
Operating System	Windows

WebTechnologies

Analytics

Google Analytics

JavaScript frameworks

Stimulus

JavaScript libraries

jQuery

OWL Carousel

Tag managers

Google Tag Manager

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-6484

6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

2019(1)

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

80 / tcp

1685118409 | 2025-03-21T20:59:06.565724

Hashes

hash

1231003276

http.dom_hash

-2006505642

http.html_hash

1685118409

http.server_hash

608434861

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 10 Mar 2025 11:49:32 GMT
Accept-Ranges: bytes
ETag: "bd91cc7cb291db1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 21 Mar 2025 20:59:06 GMT
Content-Length: 39

443 / tcp

289908043 | 2025-03-11T05:20:30.094091

Hashes

hash

-1636378668

http.dom_hash

279519164

http.favicon.hash

-33236458

http.html_hash

289908043

http.robots_hash

-732923943

http.title_hash

-729799997

MV Sport

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: _WebStorePublishState=PRODUCTION; path=/
Set-Cookie: _WebStoreculture=1; path=/
Set-Cookie: _WebStorePublishState=PRODUCTION; path=/
Set-Cookie: _WebStoreculture=1; path=/
Set-Cookie: ASP.NET_SessionId=0xf34kdfxyfor0dk4djxn1ij; path=/; HttpOnly; SameSite=Lax
Set-Cookie: culture=en; path=/
Set-Cookie: _WebStorePublishState=PRODUCTION; path=/
Set-Cookie: _WebStoreculture=1; path=/
Set-Cookie: ASP.NET_SessionId=0xf34kdfxyfor0dk4djxn1ij; path=/; HttpOnly; SameSite=Lax
Set-Cookie: culture=en; path=/
X-Frame-Options: ALLOW-FROM http://localhost:6766/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Tue, 11 Mar 2025 05:20:29 GMT
Content-Length: 64552

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            db:23:41:d5:14:ff:bd:95:30:b0:fa:98:86:a2:e3:23
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Feb 12 00:00:00 2025 GMT
            Not After : Mar 15 23:59:59 2026 GMT
        Subject: CN=www.mvsport.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9b:b0:25:d6:89:99:a2:df:69:df:6f:72:c6:25:
                    0e:bd:dd:43:46:60:60:3f:a1:26:af:45:39:10:7d:
                    82:29:a3:f3:0c:2b:3a:70:2c:c1:99:9c:40:bd:4f:
                    62:94:61:a4:04:39:a8:7f:07:4e:3e:0a:50:b4:b8:
                    d2:12:be:b3:9a:c1:51:b8:cf:96:4a:8e:38:35:82:
                    87:b7:45:de:90:76:ee:bb:e9:ad:14:3e:28:9a:f9:
                    0e:25:bc:8d:65:0c:bc:fc:52:07:0c:15:31:e2:2f:
                    99:f7:6e:c6:f3:ce:4b:db:93:8e:0e:8e:18:5a:40:
                    cb:06:0c:23:b9:95:7e:47:d9:c1:90:1e:47:5b:d4:
                    6e:2b:cd:e8:a5:96:42:b2:29:c1:c6:d9:b7:e3:45:
                    f5:76:bd:51:6f:03:b2:01:7a:5a:de:0a:74:66:33:
                    e2:bf:81:12:4f:bb:a2:5a:bb:88:95:59:68:b5:4f:
                    76:2c:a5:80:6e:c7:fb:9f:00:02:be:96:ee:56:e6:
                    14:34:81:f3:fd:61:d0:c4:48:82:bd:80:47:02:b0:
                    35:48:77:5f:9a:dd:a7:39:2f:26:f3:47:64:ef:a8:
                    15:3d:25:fd:8d:2d:a4:22:92:23:e5:2a:8f:93:25:
                    14:18:59:2b:5f:28:f0:34:48:c1:3d:c2:80:03:90:
                    b7:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                2E:1A:3C:34:F0:17:55:02:A2:1B:B0:CA:AA:FC:DD:6E:42:BC:B6:54
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:www.mvsport.com, DNS:mvsport.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 96:97:64:BF:55:58:97:AD:F7:43:87:68:37:08:42:77:
                                E9:F0:3A:D5:F6:A4:F3:36:6E:46:A4:3F:0F:CA:A9:C6
                    Timestamp : Feb 12 13:44:40.419 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1F:84:6D:6B:86:25:88:D0:45:A1:5F:A1:
                                05:06:A5:0A:F8:4C:18:66:AF:74:94:92:22:63:DF:EB:
                                89:92:69:E6:02:20:6E:59:A3:B8:1A:E4:07:09:B5:58:
                                63:02:F3:21:5B:AB:E2:BF:BC:F5:FC:5A:15:15:D5:82:
                                AC:48:3E:F6:3C:21
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:86:D4:C7:28:AA:6F:FE:BA:03:6F:78:2A:4D:01:91:
                                AA:CE:2D:72:31:0F:AE:CE:5D:70:41:2D:25:4C:C7:D4
                    Timestamp : Feb 12 13:44:40.383 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:17:C8:53:4D:65:6A:0D:65:11:82:54:83:
                                0F:64:E1:58:CB:18:A8:CB:76:66:34:89:32:28:3A:9C:
                                65:EC:48:EF:02:21:00:82:78:FB:A2:2F:14:55:E8:4D:
                                02:A5:C2:DB:18:2E:72:2B:E9:B5:A2:7A:6E:CC:80:32:
                                96:04:06:01:E8:08:69
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
                                F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
                    Timestamp : Feb 12 13:44:40.438 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A5:FA:AC:21:B9:1F:62:4E:40:69:2F:
                                AB:36:FC:36:2D:14:F0:46:D6:EE:74:F9:74:A4:90:6C:
                                14:A4:6C:6F:A8:02:20:7E:90:AF:85:22:B6:EA:A3:FB:
                                C0:0C:D5:62:C4:4B:49:AB:9D:D7:03:04:1D:F1:08:98:
                                E6:92:39:13:73:B9:3A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b4:fe:12:92:93:93:f0:0a:f2:73:83:0f:4d:52:eb:af:d5:9d:
        7c:b6:b9:9b:13:b6:bb:df:66:af:75:dc:8c:46:a1:ab:ba:2c:
        8d:38:4b:79:bb:94:5c:e9:b5:6c:c6:ef:f6:85:87:3f:ab:65:
        f7:21:0f:3c:72:06:7e:57:9d:7c:77:2d:6f:e6:fd:ea:77:6a:
        1f:02:01:60:08:8d:a7:a9:d3:8d:ba:8e:63:11:b6:56:d7:a6:
        67:69:4d:22:2b:61:a0:e4:d8:ab:97:c3:f8:2d:e8:c9:e7:e7:
        e6:e6:ff:d3:cb:2a:4a:49:a8:1e:d6:42:83:7f:a7:47:87:20:
        dd:f8:3f:8c:fb:b3:fe:2b:14:5e:68:cc:23:9f:61:db:25:61:
        5b:ce:9a:7c:15:3e:0a:63:a6:6f:1a:2e:3c:06:96:7d:ba:0a:
        12:80:a1:c3:38:13:e4:de:74:48:5b:e4:05:f0:c0:85:76:90:
        25:54:05:58:c6:b7:31:8a:f8:83:a3:70:20:55:d3:d5:a9:88:
        01:81:f4:d8:08:37:eb:e3:5d:65:27:71:2b:54:8c:ab:29:4c:
        2f:e8:b7:d6:9c:c1:9c:ac:8c:08:da:01:16:29:54:c5:90:fd:
        ec:d1:63:b7:f2:62:0b:6e:b8:64:4c:c8:32:72:92:76:31:05:
        e9:e4:c6:ad

Vulnerabilities

20.106.62.207

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1685118409 | 2025-03-21T20:59:06.565724

Hashes

Microsoft IIS httpd10.0

443 / tcp

289908043 | 2025-03-11T05:20:30.094091

Hashes

Products

Pricing

Contact Us

20.106.62.207

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 1685118409 | 2025-03-21T20:59:06.565724

Hashes

Microsoft IIS httpd10.0

443 / tcp 289908043 | 2025-03-11T05:20:30.094091

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1685118409 | 2025-03-21T20:59:06.565724

443 / tcp

289908043 | 2025-03-11T05:20:30.094091