GeneralInformation

Hostnames

aliancafrancesa.com.br
www.aliancafrancesa.com.br

Domains

aliancafrancesa.com.br

Country

Brazil

City

São Paulo

Organization

Skymail Serviços de Computação e Provimento de Inf

ISP

Skymail Serviços de Computação e Provimento de Inf

ASN

AS265262

WebTechnologies

Analytics

Google Analytics

Blogs

WordPress6.7.1

CMS

WordPress6.7.1

Databases

MySQL

JavaScript libraries

jQuery

Programming languages

PHP

Tag managers

Google Tag Manager

OpenPorts

21 80 443

21 / tcp

1811504651 | 2025-04-16T04:32:55.118625

220 Bem-vindo ao Ftp Server do SkyMail Cloud.
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
 ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
 STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
 REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to operacao@skymail.com.br
211-Features:
 CLNT
 EPRT
 EPSV
 HOST
 LANG bg-BG;en-US;es-ES;fr-FR;it-IT;ja-JP;ko-KR;ru-RU;zh-CN;zh-TW
 MDTM
 MFF modify;UNIX.group;UNIX.mode;
 MFMT
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
 REST STREAM
 SIZE
 TVFS
 UTF8
211 End

80 / tcp

1729221875 | 2025-04-23T20:02:14.173475

Hashes

hash

1319094643

http.dom_hash

1457876295

http.html_hash

1729221875

http.server_hash

1045506267

http.title_hash

-1933610558

Test Page for the Nginx HTTP Server on Rocky Linux

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 23 Apr 2025 20:02:14 GMT
Content-Type: text/html
Content-Length: 3429
Last-Modified: Thu, 10 Jun 2021 09:09:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "60c1d6af-d65"
Accept-Ranges: bytes

Vulnerabilities

443 / tcp

-379122962 | 2025-04-16T20:50:17.601686

Hashes

hash

-1454967633

http.dom_hash

-821372753

http.favicon.hash

-1128174350

http.html_hash

-379122962

http.robots_hash

-1013459749

http.server_hash

1045506267

Cursos de Francês: Presencial, EAD e Híbrido | AF São Paulo

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 16 Apr 2025 20:50:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.2.27
X-DNS-Prefetch-Control: on
Link: <https://www.aliancafrancesa.com.br/wp-json/>; rel="https://api.w.org/"
X-LiteSpeed-Tag: 42a_HTTP.200,42a_home,42a_URL.6666cd76f96956469e7be39d750cc7d9,42a_F,42a_,42a_MIN.680cbc98ea8618ef75a41d3d5663e9ca.css
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Cross-Origin-Opener-Policy: unsafe-none
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy-Report-Only: unsafe-none; report-to='default'
Cross-Origin-Embedder-Policy: unsafe-none; report-to='default'
X-Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src *; style-src *
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Permissions-Policy: midi=(),sync-xhr=(self),microphone=(),camera=(),fullscreen=(self),payment=*
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
X-XSS-Protection: 1; mode=block

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:18:6a:4e:c6:57:f6:20:16:43:9c:72:30:8e:86:53:b5:39
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Feb 24 17:09:55 2025 GMT
            Not After : May 25 17:09:54 2025 GMT
        Subject: CN=aliancafrancesa.com.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9e:3c:ca:b1:59:34:ca:2b:66:d1:ae:ed:b9:ec:
                    58:c2:ea:4c:8d:39:5c:0c:1f:cb:80:f2:6c:9d:32:
                    78:e7:1f:d8:da:38:a7:68:27:d4:19:d6:29:5b:b0:
                    12:9b:d5:13:bc:a8:81:5d:37:56:f2:bc:22:5d:cf:
                    a2:01:c2:bd:e3:c1:f2:1b:52:62:69:78:f7:d1:f0:
                    d7:e2:4d:ab:85:42:25:4a:55:6a:85:7d:ec:6b:2a:
                    12:a6:38:9d:5d:4e:9b:12:d4:08:e7:6c:ef:fc:6c:
                    a4:96:de:97:9f:21:17:d3:73:6e:39:d0:d0:49:64:
                    9d:fc:b2:5b:9f:cd:7e:d4:3b:d2:43:59:4e:2f:a0:
                    cd:40:44:e5:10:25:4f:97:ee:4c:63:87:7f:de:47:
                    c1:89:10:d1:21:d4:96:8c:bd:54:88:df:a4:2b:9c:
                    43:69:a8:ec:dd:7e:c1:88:ac:c8:35:11:dc:cc:16:
                    0f:ee:a5:db:3d:5a:5c:f7:c6:72:1c:d9:31:52:8a:
                    9a:51:ff:79:88:71:ac:4e:b2:dc:5a:21:e9:e6:c8:
                    3f:a3:1d:b6:71:52:78:75:79:c1:0d:c0:ae:8a:96:
                    9f:18:a9:ed:2a:df:8e:56:d3:82:03:e1:57:2a:e0:
                    3b:94:8f:8f:f0:0a:0f:e7:5e:a8:94:65:ea:08:aa:
                    e8:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                EC:A7:22:A2:D5:D4:0A:6D:6A:C2:1D:4B:D5:21:8D:F4:AD:50:6E:58
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:aliancafrancesa.com.br, DNS:www.aliancafrancesa.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 24 18:08:25.835 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:81:64:17:FA:B9:B2:FD:BD:A8:04:29:
                                39:42:7E:A3:19:06:93:44:CF:06:D6:DE:BC:CD:8C:A4:
                                B6:64:2A:68:40:02:21:00:BF:69:A3:19:D9:5D:13:68:
                                C1:CB:01:B1:EB:40:4F:59:82:AE:93:D6:B3:FE:49:27:
                                54:96:CE:70:27:B5:86:2C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Feb 24 18:08:25.868 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:40:7C:89:D2:67:69:83:FD:52:94:CD:DD:
                                4D:2B:AB:58:60:01:A4:89:A1:45:02:B8:97:12:FF:82:
                                12:BF:C7:21:02:21:00:AF:77:72:3D:08:C6:92:7A:E3:
                                B1:91:61:DF:CD:30:F9:80:82:3E:84:C5:32:83:5C:17:
                                7E:8D:73:B8:27:B0:F4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a2:9c:46:10:32:c0:a0:42:d0:05:67:2e:b8:96:99:d2:cb:19:
        a3:ce:b4:46:ba:38:7a:ba:18:df:af:f3:c0:b0:4c:9d:27:fc:
        57:7b:86:68:fd:34:df:42:fc:ed:a0:6a:e8:3a:9f:22:7b:5b:
        5e:52:a8:74:81:7d:0b:b6:e7:b5:24:6a:f9:69:99:77:de:e1:
        d6:14:0a:46:96:d3:5f:45:8e:10:df:3d:6d:14:4d:43:cd:57:
        67:dd:81:50:b6:11:5c:05:09:f7:24:0c:e4:25:36:50:08:50:
        b5:7c:ee:6f:e3:49:8e:8a:4f:29:f3:44:e4:5e:52:06:a9:4e:
        64:f7:4b:d5:b1:35:e0:34:d3:c6:ed:21:8f:4f:c1:dc:34:b5:
        e9:b2:ce:48:50:41:55:de:98:58:a0:79:f7:b3:bf:d7:20:a5:
        af:d2:4b:bf:69:c9:b4:d2:f4:1d:87:8d:5a:7b:ba:4d:9c:b4:
        af:48:c0:2f:b6:ec:eb:3a:c5:ec:ba:1d:93:96:cc:ee:b2:ac:
        63:dc:4c:4f:38:3a:30:fd:47:90:ad:05:71:e0:a6:fc:31:eb:
        c6:b2:75:94:1f:5b:08:77:b3:0c:5e:05:4c:0f:67:bd:a9:9e:
        06:21:e3:de:c1:22:e7:f4:8f:84:41:65:f5:e7:0e:a9:2a:c1:
        e5:ae:c6:d9

Vulnerabilities

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

2019(4)

CVE-2019-20372

5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

CVE-2019-9516

7.5Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.

CVE-2019-9513

7.5Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

CVE-2019-9511

7.5Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

2018(1)

CVE-2018-16845

8.2nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

200.187.66.74

Last Seen: 2025-04-23

Tags:

GeneralInformation

WebTechnologies

OpenPorts

21 / tcp

1811504651 | 2025-04-16T04:32:55.118625

80 / tcp

1729221875 | 2025-04-23T20:02:14.173475

Hashes

nginx1.14.1

443 / tcp

-379122962 | 2025-04-16T20:50:17.601686

Hashes

nginx1.14.1

Vulnerabilities

Products

Pricing

Contact Us

200.187.66.74

Last Seen: 2025-04-23

Tags:

GeneralInformation

WebTechnologies

OpenPorts

21 / tcp 1811504651 | 2025-04-16T04:32:55.118625

80 / tcp 1729221875 | 2025-04-23T20:02:14.173475

Hashes

nginx1.14.1

443 / tcp -379122962 | 2025-04-16T20:50:17.601686

Hashes

nginx1.14.1

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

Products

Pricing

Contact Us

21 / tcp

1811504651 | 2025-04-16T04:32:55.118625

80 / tcp

1729221875 | 2025-04-23T20:02:14.173475

443 / tcp

-379122962 | 2025-04-16T20:50:17.601686

Vulnerabilities