GeneralInformation

Hostnames	ciw.es mail.ciw.es www.ciw.es ip249.ip-91-134-236.eu bigovh3.sered.net
Domains	ciw.es ip-91-134-236.eu sered.net
Country	France
City	Lille
Organization	OVH Hispano
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51766	Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVE-2022-37452	Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVE-2022-37451	Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
CVE-2021-38371	5.0The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
CVE-2021-27216	6.3Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.
CVE-2020-8015	7.2A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
CVE-2020-28026	9.3Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.
CVE-2020-28025	5.0Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.
CVE-2020-28024	7.5Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
CVE-2020-28023	5.0Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
CVE-2020-28022	7.5Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
CVE-2020-28021	9.0Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
CVE-2020-28019	5.0Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
CVE-2020-28018	7.5Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
CVE-2020-28017	7.5Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
CVE-2020-28016	7.2Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
CVE-2020-28015	7.2Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.
CVE-2020-28014	5.6Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
CVE-2020-28013	7.2Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
CVE-2020-28012	7.2Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.
CVE-2020-28011	7.2Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
CVE-2020-28010	7.2Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).
CVE-2020-28009	7.2Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).
CVE-2020-28008	7.2Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.
CVE-2020-28007	7.2Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.
CVE-2020-12783	5.0Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

OpenPorts

21 53 80 161 443 465 2079 2082 2083 2086 2087

2031327144 | 2024-04-01T18:09:49.052100

21 / tcp

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 100 allowed.
220-Local time is now 19:09. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
 ALIAS
 CHMOD
 IDLE
 UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 AUTH TLS
 PBSZ
 PROT
 UTF8
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c6:fb:1d:cf:69:9d:4b:1b:b6:9a:0b:df:02:79:d3:8b:1a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 21 18:38:06 2024 GMT
            Not After : Jun 19 18:38:05 2024 GMT
        Subject: CN=bigovh3.sered.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:84:8a:27:47:35:66:1b:4e:fe:ef:6f:7f:b2:
                    76:a7:9e:52:55:49:a6:1b:b5:d9:e9:3a:09:63:8e:
                    35:04:e3:88:89:2b:3d:8c:6d:67:2e:67:89:ef:0b:
                    47:98:40:14:ba:7f:05:1b:bd:8b:a1:5d:61:1e:26:
                    0e:a1:bd:ed:5e:a3:66:8d:7a:97:ca:b8:9f:4b:86:
                    ba:1e:61:9d:97:51:7b:b5:98:be:54:2b:68:3f:71:
                    c9:02:07:36:d6:0b:78:54:8c:42:ce:07:a4:9f:4f:
                    f6:73:82:be:16:88:6d:d1:1a:da:6b:fc:bc:70:98:
                    d9:6f:45:ce:61:45:69:3c:4f:5b:bb:68:a2:7b:93:
                    81:1e:f7:b0:67:5d:5f:8b:c8:81:75:7c:47:ca:4b:
                    e4:b2:b3:a5:e6:d1:b6:b7:40:d7:f8:65:47:a1:58:
                    f2:4d:c6:0f:40:46:99:8d:de:f3:c7:40:f2:c0:35:
                    5c:3c:83:30:44:6d:ae:c8:b8:1a:13:83:f4:6d:c6:
                    39:7f:19:80:e0:0b:3b:62:4f:a6:75:e8:c6:8f:7c:
                    54:ca:f5:45:5d:ac:d3:2a:a8:8e:f1:d0:d6:56:13:
                    5d:61:07:51:66:d3:44:dd:56:2c:4e:56:43:ff:68:
                    6f:de:20:d8:a2:b6:be:13:0e:49:b2:2c:b5:94:7f:
                    0a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BF:82:D3:5B:6F:5A:48:DE:8D:F8:1C:67:32:DC:C1:30:F0:5F:0F:0C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bigovh3.sered.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 21 19:38:06.780 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AA:52:5D:B8:79:DC:80:8F:9F:D6:DC:
                                92:94:8A:90:84:96:3E:CF:34:AF:52:C8:F1:6D:FF:71:
                                ED:71:4E:6E:51:02:20:67:66:EC:D2:0F:62:67:09:23:
                                9A:88:CF:7B:A7:68:E7:C3:26:B4:05:82:DB:66:DB:F7:
                                64:84:F8:1B:97:C8:88
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 21 19:38:06.818 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5A:B0:29:8C:47:CF:E0:75:BD:C3:06:96:
                                4F:6C:E6:EE:7E:24:97:DD:F7:93:88:93:5D:73:B2:73:
                                5D:54:52:5E:02:20:5B:AC:4B:2A:28:72:86:F1:D7:91:
                                53:F8:45:0E:47:2A:BA:C7:E1:4C:5F:D2:BB:16:92:1A:
                                CF:5B:EC:07:7E:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a7:15:0e:57:e9:82:8c:72:1e:d0:e2:e4:87:d7:50:e0:ad:5b:
        8d:d8:86:ee:38:95:75:22:f3:a3:a6:c7:89:5d:be:2e:1e:86:
        e8:39:e6:25:b7:39:0e:1d:4c:69:d1:46:59:88:a4:91:5e:c9:
        ca:c1:4e:53:06:e5:47:ab:12:3f:7c:da:7d:d8:20:db:aa:c9:
        5a:93:02:40:8d:82:65:d9:c7:60:03:67:d4:cc:b9:3b:24:60:
        90:f7:9e:e8:fa:42:40:20:fe:a2:b6:fc:0b:26:91:1c:ee:e4:
        9b:78:16:d9:6d:ac:2c:db:cc:02:5e:e1:b1:6a:33:9d:4f:56:
        d3:9a:76:25:4f:18:35:53:80:0f:77:d7:2d:c9:9f:7a:c9:97:
        7e:1b:e3:86:79:fc:99:f9:af:ac:94:0c:95:70:d0:b2:b2:a4:
        86:dd:8f:d2:19:e3:71:2d:16:5d:ce:9f:fe:2d:93:f1:f3:c5:
        8d:b0:e6:d3:98:ac:13:cb:46:cf:74:b5:eb:c2:94:7e:c9:25:
        fe:a8:2d:cf:f6:44:0c:f2:47:1d:83:51:0b:cd:d1:b8:6c:d4:
        ba:04:cc:40:a7:65:91:51:4d:6a:c6:52:a5:78:a4:7a:43:5a:
        e6:1a:6d:05:ac:91:bd:c1:e3:c6:17:96:53:a2:83:eb:3c:69:
        da:5d:51:67

-1776293318 | 2024-03-30T08:27:55.332777

53 / tcp

9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.2
Resolver name: bigovh3.sered.net

1619372214 | 2024-04-11T22:59:36.537062

80 / tcp

HTTP/1.1 200 OK
Date: Thu, 11 Apr 2024 22:59:30 GMT
Content-Length: 1530
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
Server: imunify360-webshield/1.21

-1467995384 | 2024-04-01T00:58:56.333609

161 / udp

SNMP:
  Versions:
    3
  Engine Boots: 10
  Engineid Data: 80001f88809904845408a24e5a00000000
  Enterprise: 8072
  Engine Time: 698 days, 5:18:20

1669074274 | 2024-04-16T16:59:30.839954

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:59:30 GMT
Content-Length: 1388
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
Server: imunify360-webshield/1.21

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:be:0c:d0:37:8d:de:47:f6:98:d0:4c:16:3a:41:97
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=TX, L=Houston, O=cPanel, Inc., CN=cPanel, Inc. Certification Authority
        Validity
            Not Before: Feb 13 00:00:00 2024 GMT
            Not After : May 13 23:59:59 2024 GMT
        Subject: CN=ciw.es
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:ff:b0:9c:41:3a:6c:09:50:30:c4:c1:c9:30:
                    c0:64:76:8f:3c:a5:41:ba:a7:c2:72:ce:97:9c:c7:
                    c6:9e:4b:67:6c:7f:91:f3:8c:20:be:aa:ba:08:1f:
                    1e:37:ec:30:03:5e:8b:ea:49:a5:79:77:62:f3:c1:
                    1d:c0:07:27:30:a5:75:a1:3f:17:98:97:e8:b1:ad:
                    67:97:92:1f:da:32:30:c7:75:2a:f4:a5:2b:0c:52:
                    4a:f9:f2:43:70:c4:7a:8f:a6:d4:d3:3d:8c:fa:b7:
                    d5:a8:58:a8:7d:9f:4e:d1:fd:8c:da:64:8b:e3:a8:
                    34:b2:4e:a7:7e:ea:76:9c:58:6b:77:dc:d5:67:f1:
                    7c:ea:e0:40:9c:8e:2f:25:fa:a7:76:6a:4d:93:31:
                    76:5b:ee:2d:19:fc:b7:bc:e9:9b:29:a1:3c:6a:d4:
                    08:24:cf:b9:d9:34:78:a8:53:2b:98:03:f6:74:82:
                    06:71:58:64:95:a6:07:a7:99:27:b4:67:61:76:49:
                    75:52:4d:cd:7b:d5:8c:2e:e4:8c:fa:2b:6a:5d:8e:
                    4c:c7:5f:51:1e:ee:72:66:a0:fa:40:18:5b:b1:4b:
                    e8:e3:4a:15:0a:d2:43:1c:97:40:f9:16:01:c5:92:
                    48:7f:f0:ed:6c:8e:23:30:ef:a1:5b:c6:b1:35:b6:
                    a6:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                7E:03:5A:65:41:6B:A7:7E:0A:E1:B8:9D:08:EA:1D:8E:1D:6A:C7:65
            X509v3 Subject Key Identifier: 
                1E:1E:E7:AB:5F:04:BF:EE:A2:17:8D:6D:9E:EB:80:28:D8:B0:FE:C6
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.52
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.comodoca.com/cPanelIncCertificationAuthority.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.comodoca.com/cPanelIncCertificationAuthority.crt
                OCSP - URI:http://ocsp.comodoca.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 13 01:48:34.855 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1A:1E:08:62:56:14:C6:D6:F0:D8:DC:C4:
                                81:55:7B:FB:B4:95:17:AD:03:89:63:FB:DE:9B:90:D4:
                                B6:65:E5:32:02:21:00:BE:5A:59:F0:7C:D2:56:BD:2E:
                                98:C2:29:5F:64:99:B8:DB:C1:9B:58:4B:B6:15:D0:3C:
                                E0:6A:0D:35:ED:A9:58
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 13 01:48:34.895 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DA:A8:11:8B:4A:44:46:C5:6D:69:36:
                                14:B2:3A:F8:02:D1:45:1A:43:51:DF:A9:D1:08:EE:37:
                                C2:F5:A2:39:8E:02:20:5C:00:D2:00:BF:9B:A4:A9:B6:
                                65:33:FA:DF:93:2E:FE:0B:DB:38:62:2B:EB:96:56:02:
                                60:65:39:58:95:9D:06
            X509v3 Subject Alternative Name: 
                DNS:ciw.es, DNS:mail.ciw.es, DNS:www.ciw.es
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        37:5c:7f:9b:b8:34:5d:0c:3e:c3:23:4a:55:8a:1c:27:6b:f1:
        59:94:c0:02:3e:a0:d9:87:a2:e3:d7:67:d2:97:9d:78:85:0c:
        69:28:08:e9:d5:9a:02:f7:a9:c1:9f:08:57:62:e6:9d:59:63:
        96:f3:5b:80:be:f7:fa:a5:5c:2e:93:de:81:3c:44:3a:d8:55:
        63:56:c8:80:5b:f6:24:50:34:18:45:d3:90:0e:9d:b4:f1:36:
        29:38:bc:11:1f:08:c7:25:a1:c1:5a:e8:b2:6f:21:51:2a:f0:
        5e:13:80:38:c1:e5:0a:9c:e0:da:fe:e8:50:12:ee:75:21:9f:
        9f:85:24:3f:43:2b:bf:c2:b8:52:49:56:b0:90:a5:87:b4:08:
        99:40:38:7f:e4:81:61:db:c8:cb:80:45:09:11:42:5d:e3:e8:
        76:dc:a1:24:ca:6d:5c:8a:db:dc:e3:da:30:00:d5:05:51:03:
        ff:ae:6a:9c:4a:8f:c2:56:2f:49:fc:31:ba:24:d1:0a:51:56:
        cd:c6:b2:74:ae:cf:d0:c7:4d:32:a2:d2:02:1a:ae:6b:b4:c8:
        41:48:1a:5a:40:5e:ee:e5:88:bc:f9:14:e7:4c:38:d2:08:1c:
        51:9e:3d:10:bf:61:6b:19:b4:d3:cf:25:36:16:33:98:1c:ad:
        a6:a3:72:b1

729121646 | 2024-03-31T03:00:01.277057

465 / tcp

220-bigovh3.sered.net ESMTP Exim 4.93 #2 Sun, 31 Mar 2024 04:59:38 +0200 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-bigovh3.sered.net Hello 224.205.13.254 [224.205.13.254]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c6:fb:1d:cf:69:9d:4b:1b:b6:9a:0b:df:02:79:d3:8b:1a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 21 18:38:06 2024 GMT
            Not After : Jun 19 18:38:05 2024 GMT
        Subject: CN=bigovh3.sered.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:84:8a:27:47:35:66:1b:4e:fe:ef:6f:7f:b2:
                    76:a7:9e:52:55:49:a6:1b:b5:d9:e9:3a:09:63:8e:
                    35:04:e3:88:89:2b:3d:8c:6d:67:2e:67:89:ef:0b:
                    47:98:40:14:ba:7f:05:1b:bd:8b:a1:5d:61:1e:26:
                    0e:a1:bd:ed:5e:a3:66:8d:7a:97:ca:b8:9f:4b:86:
                    ba:1e:61:9d:97:51:7b:b5:98:be:54:2b:68:3f:71:
                    c9:02:07:36:d6:0b:78:54:8c:42:ce:07:a4:9f:4f:
                    f6:73:82:be:16:88:6d:d1:1a:da:6b:fc:bc:70:98:
                    d9:6f:45:ce:61:45:69:3c:4f:5b:bb:68:a2:7b:93:
                    81:1e:f7:b0:67:5d:5f:8b:c8:81:75:7c:47:ca:4b:
                    e4:b2:b3:a5:e6:d1:b6:b7:40:d7:f8:65:47:a1:58:
                    f2:4d:c6:0f:40:46:99:8d:de:f3:c7:40:f2:c0:35:
                    5c:3c:83:30:44:6d:ae:c8:b8:1a:13:83:f4:6d:c6:
                    39:7f:19:80:e0:0b:3b:62:4f:a6:75:e8:c6:8f:7c:
                    54:ca:f5:45:5d:ac:d3:2a:a8:8e:f1:d0:d6:56:13:
                    5d:61:07:51:66:d3:44:dd:56:2c:4e:56:43:ff:68:
                    6f:de:20:d8:a2:b6:be:13:0e:49:b2:2c:b5:94:7f:
                    0a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BF:82:D3:5B:6F:5A:48:DE:8D:F8:1C:67:32:DC:C1:30:F0:5F:0F:0C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bigovh3.sered.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 21 19:38:06.780 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AA:52:5D:B8:79:DC:80:8F:9F:D6:DC:
                                92:94:8A:90:84:96:3E:CF:34:AF:52:C8:F1:6D:FF:71:
                                ED:71:4E:6E:51:02:20:67:66:EC:D2:0F:62:67:09:23:
                                9A:88:CF:7B:A7:68:E7:C3:26:B4:05:82:DB:66:DB:F7:
                                64:84:F8:1B:97:C8:88
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 21 19:38:06.818 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5A:B0:29:8C:47:CF:E0:75:BD:C3:06:96:
                                4F:6C:E6:EE:7E:24:97:DD:F7:93:88:93:5D:73:B2:73:
                                5D:54:52:5E:02:20:5B:AC:4B:2A:28:72:86:F1:D7:91:
                                53:F8:45:0E:47:2A:BA:C7:E1:4C:5F:D2:BB:16:92:1A:
                                CF:5B:EC:07:7E:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a7:15:0e:57:e9:82:8c:72:1e:d0:e2:e4:87:d7:50:e0:ad:5b:
        8d:d8:86:ee:38:95:75:22:f3:a3:a6:c7:89:5d:be:2e:1e:86:
        e8:39:e6:25:b7:39:0e:1d:4c:69:d1:46:59:88:a4:91:5e:c9:
        ca:c1:4e:53:06:e5:47:ab:12:3f:7c:da:7d:d8:20:db:aa:c9:
        5a:93:02:40:8d:82:65:d9:c7:60:03:67:d4:cc:b9:3b:24:60:
        90:f7:9e:e8:fa:42:40:20:fe:a2:b6:fc:0b:26:91:1c:ee:e4:
        9b:78:16:d9:6d:ac:2c:db:cc:02:5e:e1:b1:6a:33:9d:4f:56:
        d3:9a:76:25:4f:18:35:53:80:0f:77:d7:2d:c9:9f:7a:c9:97:
        7e:1b:e3:86:79:fc:99:f9:af:ac:94:0c:95:70:d0:b2:b2:a4:
        86:dd:8f:d2:19:e3:71:2d:16:5d:ce:9f:fe:2d:93:f1:f3:c5:
        8d:b0:e6:d3:98:ac:13:cb:46:cf:74:b5:eb:c2:94:7e:c9:25:
        fe:a8:2d:cf:f6:44:0c:f2:47:1d:83:51:0b:cd:d1:b8:6c:d4:
        ba:04:cc:40:a7:65:91:51:4d:6a:c6:52:a5:78:a4:7a:43:5a:
        e6:1a:6d:05:ac:91:bd:c1:e3:c6:17:96:53:a2:83:eb:3c:69:
        da:5d:51:67

-1922445364 | 2024-04-12T23:18:01.496750

2079 / tcp

HTTP/1.1 401 Unauthorized
Date: Fri, 12 Apr 2024 23:18:01 GMT
Server: cPanel
Persistent-Auth: false
Host: 91.134.236.249:2079
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: close
Vary: Accept-Encoding
WWW-Authenticate: Basic realm="Horde DAV Server"
Content-Length: 35
Content-Type: text/html; charset="utf-8"
Expires: Fri, 01 Jan 1990 00:00:00 GMT

-1420144939 | 2024-04-08T04:23:08.986629

2082 / tcp

HTTP/1.1 200 OK
Date: Mon, 08 Apr 2024 04:23:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Server: imunify360-webshield/1.21
Last-Modified: Monday, 08-Apr-2024 04:23:07 GMT
Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache

-1520274649 | 2024-04-13T06:26:27.457830

2083 / tcp

HTTP/1.1 200 OK
Date: Sat, 13 Apr 2024 06:26:27 GMT
Content-Length: 1473
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
Server: imunify360-webshield/1.21

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:be:0c:d0:37:8d:de:47:f6:98:d0:4c:16:3a:41:97
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=TX, L=Houston, O=cPanel, Inc., CN=cPanel, Inc. Certification Authority
        Validity
            Not Before: Feb 13 00:00:00 2024 GMT
            Not After : May 13 23:59:59 2024 GMT
        Subject: CN=ciw.es
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:ff:b0:9c:41:3a:6c:09:50:30:c4:c1:c9:30:
                    c0:64:76:8f:3c:a5:41:ba:a7:c2:72:ce:97:9c:c7:
                    c6:9e:4b:67:6c:7f:91:f3:8c:20:be:aa:ba:08:1f:
                    1e:37:ec:30:03:5e:8b:ea:49:a5:79:77:62:f3:c1:
                    1d:c0:07:27:30:a5:75:a1:3f:17:98:97:e8:b1:ad:
                    67:97:92:1f:da:32:30:c7:75:2a:f4:a5:2b:0c:52:
                    4a:f9:f2:43:70:c4:7a:8f:a6:d4:d3:3d:8c:fa:b7:
                    d5:a8:58:a8:7d:9f:4e:d1:fd:8c:da:64:8b:e3:a8:
                    34:b2:4e:a7:7e:ea:76:9c:58:6b:77:dc:d5:67:f1:
                    7c:ea:e0:40:9c:8e:2f:25:fa:a7:76:6a:4d:93:31:
                    76:5b:ee:2d:19:fc:b7:bc:e9:9b:29:a1:3c:6a:d4:
                    08:24:cf:b9:d9:34:78:a8:53:2b:98:03:f6:74:82:
                    06:71:58:64:95:a6:07:a7:99:27:b4:67:61:76:49:
                    75:52:4d:cd:7b:d5:8c:2e:e4:8c:fa:2b:6a:5d:8e:
                    4c:c7:5f:51:1e:ee:72:66:a0:fa:40:18:5b:b1:4b:
                    e8:e3:4a:15:0a:d2:43:1c:97:40:f9:16:01:c5:92:
                    48:7f:f0:ed:6c:8e:23:30:ef:a1:5b:c6:b1:35:b6:
                    a6:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                7E:03:5A:65:41:6B:A7:7E:0A:E1:B8:9D:08:EA:1D:8E:1D:6A:C7:65
            X509v3 Subject Key Identifier: 
                1E:1E:E7:AB:5F:04:BF:EE:A2:17:8D:6D:9E:EB:80:28:D8:B0:FE:C6
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.52
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.comodoca.com/cPanelIncCertificationAuthority.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.comodoca.com/cPanelIncCertificationAuthority.crt
                OCSP - URI:http://ocsp.comodoca.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 13 01:48:34.855 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1A:1E:08:62:56:14:C6:D6:F0:D8:DC:C4:
                                81:55:7B:FB:B4:95:17:AD:03:89:63:FB:DE:9B:90:D4:
                                B6:65:E5:32:02:21:00:BE:5A:59:F0:7C:D2:56:BD:2E:
                                98:C2:29:5F:64:99:B8:DB:C1:9B:58:4B:B6:15:D0:3C:
                                E0:6A:0D:35:ED:A9:58
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 13 01:48:34.895 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DA:A8:11:8B:4A:44:46:C5:6D:69:36:
                                14:B2:3A:F8:02:D1:45:1A:43:51:DF:A9:D1:08:EE:37:
                                C2:F5:A2:39:8E:02:20:5C:00:D2:00:BF:9B:A4:A9:B6:
                                65:33:FA:DF:93:2E:FE:0B:DB:38:62:2B:EB:96:56:02:
                                60:65:39:58:95:9D:06
            X509v3 Subject Alternative Name: 
                DNS:ciw.es, DNS:mail.ciw.es, DNS:www.ciw.es
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        37:5c:7f:9b:b8:34:5d:0c:3e:c3:23:4a:55:8a:1c:27:6b:f1:
        59:94:c0:02:3e:a0:d9:87:a2:e3:d7:67:d2:97:9d:78:85:0c:
        69:28:08:e9:d5:9a:02:f7:a9:c1:9f:08:57:62:e6:9d:59:63:
        96:f3:5b:80:be:f7:fa:a5:5c:2e:93:de:81:3c:44:3a:d8:55:
        63:56:c8:80:5b:f6:24:50:34:18:45:d3:90:0e:9d:b4:f1:36:
        29:38:bc:11:1f:08:c7:25:a1:c1:5a:e8:b2:6f:21:51:2a:f0:
        5e:13:80:38:c1:e5:0a:9c:e0:da:fe:e8:50:12:ee:75:21:9f:
        9f:85:24:3f:43:2b:bf:c2:b8:52:49:56:b0:90:a5:87:b4:08:
        99:40:38:7f:e4:81:61:db:c8:cb:80:45:09:11:42:5d:e3:e8:
        76:dc:a1:24:ca:6d:5c:8a:db:dc:e3:da:30:00:d5:05:51:03:
        ff:ae:6a:9c:4a:8f:c2:56:2f:49:fc:31:ba:24:d1:0a:51:56:
        cd:c6:b2:74:ae:cf:d0:c7:4d:32:a2:d2:02:1a:ae:6b:b4:c8:
        41:48:1a:5a:40:5e:ee:e5:88:bc:f9:14:e7:4c:38:d2:08:1c:
        51:9e:3d:10:bf:61:6b:19:b4:d3:cf:25:36:16:33:98:1c:ad:
        a6:a3:72:b1

-2147355638 | 2024-04-15T07:51:53.271592

2086 / tcp

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 07:51:52 GMT
Content-Length: 1531
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
Server: imunify360-webshield/1.21

-1465539379 | 2024-04-03T00:22:00.137009

2087 / tcp

HTTP/1.1 400 Bad Request
Date: Wed, 03 Apr 2024 00:21:56 GMT
Content-Type: text/html
Content-Length: 154
Connection: close
Server: imunify360-webshield/1.21

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>openresty</center>
</body>
</html>

91.134.236.249

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2031327144 | 2024-04-01T18:09:49.052100
21 / tcp

Pure-FTPd

-1776293318 | 2024-03-30T08:27:55.332777
53 / tcp

1619372214 | 2024-04-11T22:59:36.537062
80 / tcp

-1467995384 | 2024-04-01T00:58:56.333609
161 / udp

1669074274 | 2024-04-16T16:59:30.839954
443 / tcp

729121646 | 2024-03-31T03:00:01.277057
465 / tcp

Exim smtpd4.93

-1922445364 | 2024-04-12T23:18:01.496750
2079 / tcp

-1420144939 | 2024-04-08T04:23:08.986629
2082 / tcp

-1520274649 | 2024-04-13T06:26:27.457830
2083 / tcp

-2147355638 | 2024-04-15T07:51:53.271592
2086 / tcp

-1465539379 | 2024-04-03T00:22:00.137009
2087 / tcp

Products

Pricing

Contact Us

91.134.236.249

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2031327144 | 2024-04-01T18:09:49.052100 21 / tcp

Pure-FTPd

-1776293318 | 2024-03-30T08:27:55.332777 53 / tcp

1619372214 | 2024-04-11T22:59:36.537062 80 / tcp

-1467995384 | 2024-04-01T00:58:56.333609 161 / udp

1669074274 | 2024-04-16T16:59:30.839954 443 / tcp

729121646 | 2024-03-31T03:00:01.277057 465 / tcp

Exim smtpd4.93

-1922445364 | 2024-04-12T23:18:01.496750 2079 / tcp

-1420144939 | 2024-04-08T04:23:08.986629 2082 / tcp

-1520274649 | 2024-04-13T06:26:27.457830 2083 / tcp

-2147355638 | 2024-04-15T07:51:53.271592 2086 / tcp

-1465539379 | 2024-04-03T00:22:00.137009 2087 / tcp

Products

Pricing

Contact Us

2031327144 | 2024-04-01T18:09:49.052100
21 / tcp

-1776293318 | 2024-03-30T08:27:55.332777
53 / tcp

1619372214 | 2024-04-11T22:59:36.537062
80 / tcp

-1467995384 | 2024-04-01T00:58:56.333609
161 / udp

1669074274 | 2024-04-16T16:59:30.839954
443 / tcp

729121646 | 2024-03-31T03:00:01.277057
465 / tcp

-1922445364 | 2024-04-12T23:18:01.496750
2079 / tcp

-1420144939 | 2024-04-08T04:23:08.986629
2082 / tcp

-1520274649 | 2024-04-13T06:26:27.457830
2083 / tcp

-2147355638 | 2024-04-15T07:51:53.271592
2086 / tcp

-1465539379 | 2024-04-03T00:22:00.137009
2087 / tcp