GeneralInformation

Hostnames	bw20.com.br server.bwnet.com.br
Domains	bw20.com.br bwnet.com.br
Country	Brazil
City	Mandaguari
Organization	PERSIO SGUBIN JR. & CIA. LTDA. - BLACK WINDOW INTE
ISP	PERSIO SGUBIN JR. & CIA. LTDA. - BLACK WINDOW INTE
ASN	AS263554

WebTechnologies

JavaScript libraries

Maps

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

21 53 80 123 443 3306 8080

-692974038 | 2024-04-19T00:13:11.594604

21 / tcp

220 ProFTPD Server (FTP BW2.0) [186.250.188.3]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
214-ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
214-STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
214-REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@server.bwnet.com.br
211-Features:
211-CLNT
211-EPRT
211-EPSV
211-HOST
211-LANG pt-BR.UTF-8*
211-MDTM
211-MFF modify;UNIX.group;UNIX.mode;
211-MFMT
211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
211-REST STREAM
211-SITE COPY
211-SITE MKDIR
211-SITE RMDIR
211-SITE SYMLINK
211-SITE UTIME
211-SIZE
211-TVFS
211-UTF8
211 End

1470726729 | 2024-04-17T04:09:15.098462

53 / tcp

huhu-BWNet
Resolver name: server

1470726729 | 2024-04-27T17:31:05.209512

53 / udp

huhu-BWNet
Resolver name: server

1793015233 | 2024-04-28T21:37:27.521116

80 / tcp

HTTP/1.1 200 OK
Date: Sun, 28 Apr 2024 21:37:26 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

-963157176 | 2024-04-08T19:24:49.772326

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -23
rootdelay: 0.0101165771484
rootdisp: 0.0321044921875
refid: 3365930949
reftime: 3921592049.0
poll: 3

1793015233 | 2024-04-30T02:55:55.400615

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 30 Apr 2024 02:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9b:3f:df:d8:fc:24:64:4e:4c:0b:c3:41:88:86:79:04:6a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 10 06:05:53 2024 GMT
            Not After : Jul  9 06:05:52 2024 GMT
        Subject: CN=bw20.com.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ba:70:3a:d2:76:77:77:ea:2f:80:20:72:19:0a:
                    9a:86:3f:2b:a8:db:dd:d0:50:6f:39:ce:b8:c6:c0:
                    c0:5a:46:d1:d0:0d:24:94:4e:90:8f:79:d8:12:dd:
                    be:42:4b:e4:ed:01:a5:3b:96:21:e0:0a:6e:17:9d:
                    aa:90:8f:1f:7c:a0:71:bd:45:d5:a0:44:ab:b1:0b:
                    24:d7:b3:7c:7b:bd:cf:5a:e9:67:22:6e:3d:05:3f:
                    00:7c:4a:01:44:40:62:a0:66:69:c6:20:be:d6:9a:
                    8f:28:9a:87:f7:db:6c:28:0c:53:e5:79:c6:21:1d:
                    d6:30:80:d3:4a:f6:fc:dc:a8:1a:6e:d1:7c:9f:bb:
                    96:d8:36:be:14:26:a6:99:2c:73:4b:8e:74:a3:de:
                    d5:50:47:27:b1:b7:fa:22:71:7c:0d:4d:97:9c:2d:
                    c9:f7:d4:a9:d5:c3:d6:3a:4b:38:7a:c2:a9:70:25:
                    aa:b0:83:6b:c1:06:5b:fb:5a:84:9a:4a:63:65:98:
                    97:d3:f3:34:6d:98:3b:25:58:0c:9d:be:c5:7f:91:
                    40:6a:39:6e:2c:fa:14:e9:dd:61:d5:18:ae:4d:cc:
                    59:da:4c:aa:d9:83:39:59:0f:ae:73:87:0a:57:11:
                    6a:88:f4:48:e0:db:91:2f:ed:06:07:40:13:0f:c1:
                    d7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B6:B5:8F:55:ED:F2:4C:73:AE:81:C8:38:16:1E:B7:41:AB:5E:B7:E6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bw20.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 10 07:05:54.143 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:50:CA:B2:33:C8:6E:1A:65:9F:F3:55:FD:
                                82:0D:ED:8A:BA:F0:8F:B5:6E:B9:91:66:F1:F1:09:0C:
                                DD:EA:92:70:02:21:00:8F:30:FE:F6:C3:E1:8F:C1:78:
                                A7:B5:B3:D6:23:06:30:30:36:55:18:48:80:29:AD:0C:
                                E7:B5:4B:27:84:0D:9A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 10 07:05:54.139 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7C:5A:F7:51:AD:7F:4A:3E:D1:47:88:87:
                                93:E5:6B:09:12:72:1E:2B:95:BF:20:7D:E3:BE:2E:68:
                                D9:CC:72:D1:02:21:00:FC:95:89:62:0E:E3:83:DD:EB:
                                34:D8:14:19:AD:6D:A9:75:95:70:DC:6A:A3:44:7D:69:
                                C9:CB:53:3D:CD:AA:1A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        01:c7:e6:2a:93:5b:b9:ea:87:63:04:b2:2d:7e:c8:b4:ae:86:
        26:74:0f:5c:21:bc:7e:96:64:42:84:1e:05:a1:02:cb:73:17:
        c4:04:83:23:bc:f3:c7:cc:eb:15:a5:9e:d7:9a:b9:1a:55:22:
        b0:75:46:10:31:e5:69:f6:3e:0e:88:19:aa:73:a7:24:89:47:
        eb:3d:91:53:c0:01:7f:73:41:38:e5:94:e4:15:a6:ec:f3:f6:
        a8:46:16:b4:35:5d:3c:11:79:2d:c2:ce:38:74:4d:48:55:19:
        15:62:0e:46:78:63:86:e8:a3:90:f8:8a:87:b0:16:d8:2b:bf:
        f0:8a:2d:f2:22:8b:0d:b6:ee:b7:22:4a:e5:0b:56:f1:64:8a:
        87:dd:ba:6a:fb:eb:97:b0:47:3f:23:b1:af:af:26:0a:df:21:
        bd:b9:2c:4d:64:f9:bf:7b:61:73:1c:e0:29:1c:85:1c:0f:31:
        9d:b5:7f:07:cf:99:d3:e5:88:c3:a8:3e:e4:b0:eb:a3:da:fd:
        8b:37:64:84:3f:dc:45:37:2c:f4:f7:d9:60:1e:39:6c:ee:2c:
        43:e4:e5:6a:6f:9a:e0:2f:2b:cc:f9:7d:0c:dc:a1:53:aa:66:
        a6:29:8e:d3:c2:c6:2e:09:1a:a6:bc:5e:85:88:b9:98:82:48:
        a2:f9:27:e2

1430148213 | 2024-04-16T21:24:02.309391

3306 / tcp

MariaDB:
  Error Message: Host '224.53.114.126' is not allowed to connect to this MariaDB server
  Error Code: 1130

1393880461 | 2024-04-26T15:19:58.371522

8080 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:19:58 GMT
Connection: Keep-Alive
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none';  connect-src *.ookla.com *.speedtest.net *.bwnet.com.br *.bwtelecom.com.br *.speedtestcustom.com; upgrade-insecure-requests
Content-Type: text/html
Content-Length: 109

186.250.188.3

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-692974038 | 2024-04-19T00:13:11.594604
21 / tcp

1470726729 | 2024-04-17T04:09:15.098462
53 / tcp

1470726729 | 2024-04-27T17:31:05.209512
53 / udp

1793015233 | 2024-04-28T21:37:27.521116
80 / tcp

Apache httpd

-963157176 | 2024-04-08T19:24:49.772326
123 / udp

1793015233 | 2024-04-30T02:55:55.400615
443 / tcp

Apache httpd

1430148213 | 2024-04-16T21:24:02.309391
3306 / tcp

MariaDB

1393880461 | 2024-04-26T15:19:58.371522
8080 / tcp

Products

Pricing

Contact Us

186.250.188.3

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-692974038 | 2024-04-19T00:13:11.594604 21 / tcp

1470726729 | 2024-04-17T04:09:15.098462 53 / tcp

1470726729 | 2024-04-27T17:31:05.209512 53 / udp

1793015233 | 2024-04-28T21:37:27.521116 80 / tcp

Apache httpd

-963157176 | 2024-04-08T19:24:49.772326 123 / udp

1793015233 | 2024-04-30T02:55:55.400615 443 / tcp

Apache httpd

1430148213 | 2024-04-16T21:24:02.309391 3306 / tcp

MariaDB

1393880461 | 2024-04-26T15:19:58.371522 8080 / tcp

Products

Pricing

Contact Us

-692974038 | 2024-04-19T00:13:11.594604
21 / tcp

1470726729 | 2024-04-17T04:09:15.098462
53 / tcp

1470726729 | 2024-04-27T17:31:05.209512
53 / udp

1793015233 | 2024-04-28T21:37:27.521116
80 / tcp

-963157176 | 2024-04-08T19:24:49.772326
123 / udp

1793015233 | 2024-04-30T02:55:55.400615
443 / tcp

1430148213 | 2024-04-16T21:24:02.309391
3306 / tcp

1393880461 | 2024-04-26T15:19:58.371522
8080 / tcp