GeneralInformation

Hostnames	barcelonaculinaryhub.com barcelonaculinaryhub.es biumiami.com eae.es eaebarcelona.com eaemadrid.com edcparis.edu ege.co.ma esdesignbarcelona.com eslsca.fr eslsca.ma ifp.es inesdi.com inesdi.es institutoinesdi.es obsbusiness.school obsbusinessschol.info www.obsbusinessschol.info onlinebschool.es ostelea.com ostelea.es www.ostelea.es ostelea.ma planetaformacion.com www.planetaformacion.com planetaformacion.es sportsmanagementschool.es sportsmanagementschool.fr sportsmanagementschool.ma supdeluxe.com thecoreschool.com theds.fr threepoints.com unibarcelona.com universidadunie.com universidadviu.com universidadviu.es universitatcarlemany.ad universitatcarlemany.com universitatcarlemany.es universitatcarlemany.fr viu.es
Domains	barcelonaculinaryhub.com barcelonaculinaryhub.es biumiami.com eae.es eaebarcelona.com eaemadrid.com edcparis.edu ege.co.ma esdesignbarcelona.com eslsca.fr eslsca.ma ifp.es inesdi.com inesdi.es institutoinesdi.es obsbusiness.school obsbusinessschol.info onlinebschool.es ostelea.com ostelea.es ostelea.ma planetaformacion.com planetaformacion.es sportsmanagementschool.es sportsmanagementschool.fr sportsmanagementschool.ma supdeluxe.com thecoreschool.com theds.fr threepoints.com unibarcelona.com universidadunie.com universidadviu.com universidadviu.es universitatcarlemany.ad universitatcarlemany.com universitatcarlemany.es universitatcarlemany.fr viu.es
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

CMS

Drupal10

Ecommerce

Abicart

Hosting

Drupal Multisite

JavaScript frameworks

Alpine.js

Programming languages

PHP

Security

HSTS

Tag managers

Google Tag Manager

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(7)

CVE-2024-11236

9.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

CVE-2024-11234

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

CVE-2024-11233

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

CVE-2024-5585

7.7In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

CVE-2024-4577

9.8In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

CVE-2024-2408

5.9The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection). These changes are part of OpenSSL 3.2 and have also been backported to stable versions of various Linux distributions, as well as to the PHP builds provided for Windows since the previous release. All distributors and builders should ensure that this version is used to prevent PHP from being vulnerable. PHP Windows builds for the versions 8.1.29, 8.2.20 and 8.3.8 and above include OpenSSL patches that fix the vulnerability.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443 2082 2083 2086 2087 2095 8443 8880

80 / tcp

1205239759 | 2025-03-18T11:48:13.950058

Hashes

hash

-162287230

http.dom_hash

141679194

http.html_hash

1205239759

http.server_hash

958142897

http.title_hash

-1039101684

Direct IP access not allowed | Cloudflare

HTTP/1.1 403 Forbidden
Date: Tue, 18 Mar 2025 11:48:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 92247ff32c7c6604-AMS

443 / tcp

-1933020506 | 2025-03-28T20:18:46.884448

Hashes

hash

-43420582

http.dom_hash

1570015014

http.favicon.hash

-22744419

http.html_hash

-1933020506

http.server_hash

958142897

http.title_hash

824435931

Acceso | UNIBA

HTTP/1.1 200 OK
Date: Fri, 28 Mar 2025 20:18:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/8.3.7
Cache-Control: max-age=3600, public
x-drupal-dynamic-cache: UNCACHEABLE
content-language: es
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie
x-generator: Drupal 10 (https://www.drupal.org)
x-xss-protection: 1
strict-transport-security: max-age=1000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Mar 2025 20:18:46 GMT
via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 9279d1903f536459-SJC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d9:83:58:2f:67:64:54:d1:37:f6:68:5c:cf:2a:93:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
        Validity
            Not Before: Sep  9 00:00:00 2024 GMT
            Not After : Oct  9 23:59:59 2025 GMT
        Subject: C=ES, ST=Barcelona, O=Planeta Innovaci\xC3\xB3n, S.A., CN=www.planetaformacion.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e3:a7:ea:1e:40:4b:a4:b6:8e:cf:66:cc:c0:4f:
                    ec:55:ea:7e:8b:67:bd:b2:d2:6d:b8:c6:ee:b1:95:
                    20:31:ef:eb:01:39:b0:78:ec:1f:df:67:35:5c:9c:
                    1a:55:a9:30:f7:bb:57:29:11:d2:a3:53:49:22:07:
                    d4:ad:dc:4b:26:ff:a5:cb:c0:64:02:a9:4f:d7:3b:
                    29:8e:bb:4a:92:18:6e:54:33:b1:f9:91:1b:06:c8:
                    df:1b:61:3c:52:9c:1d:d2:da:62:43:f6:40:d5:02:
                    9c:fa:6c:0d:2a:4a:60:9d:f8:ac:eb:da:f8:e6:6b:
                    00:ab:63:09:73:06:8f:83:0f:6d:d4:69:f3:21:b6:
                    34:8e:4f:3f:ee:d5:37:75:c4:bf:8f:9d:93:5b:c7:
                    d3:b9:88:6e:81:55:73:a7:21:8e:c1:f3:78:4a:90:
                    d3:35:22:82:e8:32:f0:15:9c:74:9e:ef:0b:c9:f9:
                    8d:6c:c2:f7:c7:e9:1b:05:ed:a9:4f:52:1d:49:b2:
                    91:3e:9e:d7:b2:0d:77:93:5e:c6:0c:58:6e:fb:03:
                    40:c3:8a:34:8a:ad:06:4e:1d:00:c4:bf:a5:1d:f7:
                    e1:ec:87:61:09:84:93:5e:1a:4c:68:d0:57:51:61:
                    0a:41:d3:75:b9:a8:c8:e4:ec:ab:80:56:d2:6c:14:
                    69:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
            X509v3 Subject Key Identifier: 
                8E:7C:7C:B4:E2:37:8C:AD:54:F1:4C:E1:2A:E0:FF:E3:35:C8:15:FB
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
                                3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
                    Timestamp : Sep  9 10:31:16.727 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1A:02:B7:7E:0D:9B:8A:2E:9F:9B:E2:4C:
                                17:8F:96:85:2F:D7:0C:E5:42:50:78:B0:DA:9C:4F:FE:
                                29:36:26:D4:02:20:0C:5B:70:12:1A:97:EE:99:D4:52:
                                75:51:41:C4:AB:5D:37:F9:11:DD:18:19:31:CF:80:83:
                                D5:49:7A:A8:88:C5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Sep  9 10:31:16.654 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6E:14:B5:B5:CF:E7:7E:5A:7F:E0:D7:04:
                                F2:50:09:94:0D:11:5F:BC:E4:DA:36:8D:CD:AB:B3:6D:
                                13:60:3A:18:02:21:00:B8:E8:C3:F0:71:19:35:21:CE:
                                6D:AD:9B:BD:2C:9C:A9:3D:D9:67:1A:44:0D:CE:E0:E4:
                                54:72:02:76:99:74:B9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Sep  9 10:31:16.633 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:33:FF:06:7B:1A:37:E1:DB:C1:F0:27:99:
                                09:57:6C:26:E1:06:25:6E:1D:1C:E0:56:F9:47:B3:F7:
                                3A:90:85:D1:02:21:00:BD:D0:70:46:B7:68:64:AB:57:
                                14:B4:AE:32:F8:7B:0F:79:81:58:9B:47:74:96:98:EC:
                                A3:65:77:73:32:D8:6E
            X509v3 Subject Alternative Name: 
                DNS:www.planetaformacion.com, DNS:*.barcelonaculinaryhub.com, DNS:*.barcelonaculinaryhub.es, DNS:*.biumiami.com, DNS:*.eae.es, DNS:*.eaebarcelona.com, DNS:*.eaemadrid.com, DNS:*.edcparis.edu, DNS:*.ege.co.ma, DNS:*.esdesignbarcelona.com, DNS:*.eslsca.fr, DNS:*.eslsca.ma, DNS:*.ifp.es, DNS:*.inesdi.com, DNS:*.inesdi.es, DNS:*.institutoinesdi.es, DNS:*.obsbusiness.school, DNS:*.onlinebschool.es, DNS:*.ostelea.com, DNS:*.ostelea.ma, DNS:*.planetaformacion.com, DNS:*.planetaformacion.es, DNS:*.sportsmanagementschool.es, DNS:*.sportsmanagementschool.fr, DNS:*.sportsmanagementschool.ma, DNS:*.supdeluxe.com, DNS:*.thecoreschool.com, DNS:*.theds.fr, DNS:*.threepoints.com, DNS:*.unibarcelona.com, DNS:*.universidadunie.com, DNS:*.universidadviu.com, DNS:*.universidadviu.es, DNS:*.universitatcarlemany.ad, DNS:*.universitatcarlemany.com, DNS:*.universitatcarlemany.es, DNS:*.universitatcarlemany.fr, DNS:*.viu.es, DNS:barcelonaculinaryhub.com, DNS:barcelonaculinaryhub.es, DNS:biumiami.com, DNS:eae.es, DNS:eaebarcelona.com, DNS:eaemadrid.com, DNS:edcparis.edu, DNS:ege.co.ma, DNS:esdesignbarcelona.com, DNS:eslsca.fr, DNS:eslsca.ma, DNS:ifp.es, DNS:inesdi.com, DNS:inesdi.es, DNS:institutoinesdi.es, DNS:obsbusiness.school, DNS:obsbusinessschol.info, DNS:onlinebschool.es, DNS:ostelea.com, DNS:ostelea.es, DNS:ostelea.ma, DNS:planetaformacion.com, DNS:planetaformacion.es, DNS:sportsmanagementschool.es, DNS:sportsmanagementschool.fr, DNS:sportsmanagementschool.ma, DNS:supdeluxe.com, DNS:thecoreschool.com, DNS:theds.fr, DNS:threepoints.com, DNS:unibarcelona.com, DNS:universidadunie.com, DNS:universidadviu.com, DNS:universidadviu.es, DNS:universitatcarlemany.ad, DNS:universitatcarlemany.com, DNS:universitatcarlemany.es, DNS:universitatcarlemany.fr, DNS:viu.es, DNS:www.obsbusinessschol.info, DNS:www.ostelea.es
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5e:c3:a0:e4:7e:42:b4:ce:8c:7d:04:42:ed:52:b1:a3:04:a6:
        6c:34:39:69:a6:97:bb:f4:92:c0:78:73:a1:a7:f0:7d:e4:22:
        d1:70:17:04:31:25:30:9b:3b:e9:28:29:98:6c:c1:8c:98:90:
        b0:fa:b4:af:de:9b:3c:39:c3:fa:77:01:73:4d:ce:d7:9a:ba:
        de:42:39:ef:dc:8d:2b:e2:59:79:1c:f2:7d:a4:20:e2:b8:e9:
        c6:71:99:07:61:21:d4:3b:4a:e6:7c:25:2d:54:da:bb:2f:eb:
        07:85:0e:f1:df:eb:28:98:9a:94:2c:33:46:04:1c:07:b7:d5:
        c1:dd:68:01:f2:15:ef:6d:9c:cd:f3:da:2a:10:eb:d2:a9:bc:
        e5:56:42:86:04:2c:ee:4a:3e:f2:39:2c:f4:fe:a4:a5:b7:2b:
        3e:9d:e4:18:6b:b5:ff:e2:4b:28:7c:b0:e3:9b:a8:10:7c:a2:
        6f:13:cb:97:b5:29:12:b9:d9:6d:16:35:0b:a7:a9:ec:d5:53:
        08:93:60:c4:2e:ee:de:9c:09:f6:d8:e5:dc:0d:3e:35:5e:ac:
        2f:c8:f4:fb:d0:88:2b:55:0e:6b:61:1d:2e:6b:ec:c6:10:44:
        7e:c8:c7:6e:b5:e4:bd:bd:af:24:ef:2b:7a:4b:31:74:d1:45:
        7b:91:bd:53

400 The plain HTTP request was sent to HTTPS port

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 23 Mar 2025 07:13:58 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

8880 / tcp

1891514943 | 2025-03-21T09:32:22.042192

HTTP/1.1 403 Forbidden
Date: Fri, 21 Mar 2025 09:32:22 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 923c710dba222b8f-LAX

error code: 1003

104.18.23.55

Last Seen: 2025-03-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1205239759 | 2025-03-18T11:48:13.950058

Hashes

CloudFlare

443 / tcp

-1933020506 | 2025-03-28T20:18:46.884448

Hashes

2082 / tcp

320666445 | 2025-03-26T03:50:55.719058

Hashes

2083 / tcp

141477257 | 2025-03-15T15:07:10.002470

Hashes

2086 / tcp

1028811256 | 2025-03-21T07:13:18.787884

Hashes

2087 / tcp

141477257 | 2025-03-28T11:11:23.877361

Hashes

2095 / tcp

46076208 | 2025-03-12T07:00:55.398761

Hashes

8443 / tcp

141477257 | 2025-03-23T07:13:58.325056

Hashes

CloudFlare

8880 / tcp

1891514943 | 2025-03-21T09:32:22.042192

Products

Pricing

Contact Us

104.18.23.55

Last Seen: 2025-03-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 1205239759 | 2025-03-18T11:48:13.950058

Hashes

CloudFlare

443 / tcp -1933020506 | 2025-03-28T20:18:46.884448

Hashes

2082 / tcp 320666445 | 2025-03-26T03:50:55.719058

Hashes

2083 / tcp 141477257 | 2025-03-15T15:07:10.002470

Hashes

2086 / tcp 1028811256 | 2025-03-21T07:13:18.787884

Hashes

2087 / tcp 141477257 | 2025-03-28T11:11:23.877361

Hashes

2095 / tcp 46076208 | 2025-03-12T07:00:55.398761

Hashes

8443 / tcp 141477257 | 2025-03-23T07:13:58.325056

Hashes

CloudFlare

8880 / tcp 1891514943 | 2025-03-21T09:32:22.042192

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1205239759 | 2025-03-18T11:48:13.950058

443 / tcp

-1933020506 | 2025-03-28T20:18:46.884448

2082 / tcp

320666445 | 2025-03-26T03:50:55.719058

2083 / tcp

141477257 | 2025-03-15T15:07:10.002470

2086 / tcp

1028811256 | 2025-03-21T07:13:18.787884

2087 / tcp

141477257 | 2025-03-28T11:11:23.877361

2095 / tcp

46076208 | 2025-03-12T07:00:55.398761

8443 / tcp

141477257 | 2025-03-23T07:13:58.325056

8880 / tcp

1891514943 | 2025-03-21T09:32:22.042192