GeneralInformation

Hostnames	elaguila.com.mx www.elaguila.com.mx cust-201-161-118-92.triara.com
Domains	elaguila.com.mx triara.com
Country	Mexico
City	Dolores Hidalgo
Organization	Triara.com S.A. de C.V.
ISP	Triara.com S.A. de C.V.
ASN	AS19373
Operating System	Windows

WebTechnologies

Analytics

Google Analytics

Blogs

WordPress6.6.1

Caching

W3 Total Cache

CDN

Unpkg

jQuery CDN

CMS

WordPress6.6.1

Databases

MySQL

JavaScript libraries

jQuery2.2.4

SweetAlert

Performance

WP-Optimize

Programming languages

PHP

Security

reCAPTCHA

SEO

Yoast SEO24.5

Tag managers

Google Tag Manager

WordPress plugins

W3 Total Cache

Yoast SEO24.5

WP-Optimize

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-11236

9.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

CVE-2024-11234

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

CVE-2024-11233

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

443 1801 2000 5357 47001

443 / tcp

-1645086778 | 2025-03-24T12:29:36.813716

Hashes

hash

537854706

http.dom_hash

270039572

http.favicon.hash

-760065871

http.html_hash

-1645086778

http.robots_hash

-1708489445

http.server_hash

608434861

http.title_hash

502427518

El Aguila

HTTP/1.1 200 OK
Cache-Control: no-cache,no-cache
Content-Type: text/html; charset=UTF-8
Last-Modified: Sun, 23 Mar 2025 15:53:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.2.22
WPO-Cache-Status: cached
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Xss-Protection: 1; mode=block
Referrer-Policy: origin
Date: Mon, 24 Mar 2025 12:23:55 GMT
Content-Length: 62774

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:6f:aa:3d:eb:48:47:a2:99:ee:29:90:5a:43:b8:17
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
        Validity
            Not Before: May  6 00:00:00 2024 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: C=MX, L=Ciudad de Mexico, O=El Aguila Compa\xC3\xB1ia de Seguros S.A. de C.V., CN=www.elaguila.com.mx
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:1d:d4:b9:a0:57:01:2f:2b:46:1f:11:ee:77:
                    a4:c4:8f:b4:61:40:1e:6a:ae:b2:4a:ab:d0:a8:db:
                    4a:b2:f2:66:ff:91:b8:c9:65:7f:7a:2d:0c:25:13:
                    93:2a:8c:a9:aa:4e:c5:b8:9e:4b:56:04:1f:4b:61:
                    af:4f:4f:86:6e:d9:d5:b1:4d:28:bf:bc:0f:be:c4:
                    9e:44:b7:e7:31:64:4a:28:31:c6:2d:4f:7e:29:9b:
                    9e:e9:dd:22:c3:97:39:48:3b:ed:9c:51:90:97:8c:
                    98:61:19:15:62:60:89:36:8c:af:a6:ef:42:08:c4:
                    8d:45:44:8f:83:00:0d:78:cc:c9:ee:ba:32:8f:f8:
                    f9:5e:f4:f8:b1:aa:e7:da:c5:ae:9d:d9:d4:4c:47:
                    fa:d3:7e:67:c6:9f:fd:8f:f4:8f:85:b3:27:b9:60:
                    ee:5d:5c:b4:5a:f4:be:7d:f3:76:a0:55:3b:04:a3:
                    b1:43:2e:2c:e0:60:36:a0:48:6c:94:c6:7a:c7:c9:
                    c3:42:b5:24:23:f1:b3:71:5d:10:81:4c:09:99:73:
                    97:74:e3:4b:73:ab:fa:05:5a:a9:88:5d:24:04:dc:
                    20:d0:ae:2f:90:7e:11:fd:a3:db:46:b2:d8:e4:a9:
                    34:72:da:84:07:d9:05:d8:ea:46:1a:0a:c6:a7:61:
                    45:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17
            X509v3 Subject Key Identifier: 
                7A:7F:79:9B:F7:76:F1:6E:E2:0D:3B:AA:FE:FD:A8:F2:F3:F2:50:80
            X509v3 Subject Alternative Name: 
                DNS:www.elaguila.com.mx, DNS:elaguila.com.mx
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
                Full Name:
                  URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May  6 15:24:59.879 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:20:F1:74:23:6D:B8:6F:7A:F2:60:0D:
                                6D:A6:B1:C5:44:0E:29:2F:5F:FB:DB:FD:7D:30:BD:7D:
                                5F:97:2A:2F:02:21:00:99:F1:B5:EC:F5:11:A9:91:FC:
                                98:13:A6:7F:05:0B:74:63:5E:70:0D:78:FA:11:82:B6:
                                35:CC:26:FE:40:DF:3D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : May  6 15:24:59.877 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:66:50:A8:53:17:4B:B7:41:CD:AC:A1:77:
                                C7:43:18:CE:ED:32:3C:59:51:80:57:0B:63:95:56:BB:
                                86:D4:24:6D:02:20:20:3B:C8:34:B4:56:AF:02:A0:8A:
                                0D:AA:53:0C:30:C4:6D:EB:13:57:B2:9B:CE:6E:7E:58:
                                A2:64:28:96:FE:CD
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : May  6 15:24:59.891 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EE:19:7D:F8:BD:A5:4B:89:E8:B6:20:
                                DE:32:E9:96:11:64:A7:E9:A2:25:F6:CB:14:65:96:DA:
                                2A:B5:4B:36:91:02:21:00:DF:5D:24:8B:CF:FF:CC:26:
                                30:8E:EF:C5:26:03:8D:CF:15:A9:83:6C:54:86:62:A4:
                                5A:14:CA:50:1A:26:84:F4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b6:9e:13:d7:9d:2a:c3:fc:df:4a:1e:f2:2f:1e:1d:91:5a:9e:
        b3:cb:39:d8:b4:11:78:8c:f1:20:79:f0:76:16:87:13:5a:2f:
        bd:49:b3:c6:77:6e:7f:ef:38:18:e9:b2:07:f5:0a:0a:32:6f:
        9e:4e:17:35:ec:39:c5:26:22:c7:18:23:81:b4:94:4c:d0:7d:
        29:e0:52:17:94:f2:09:87:3c:b1:00:91:70:68:19:3b:cb:e0:
        40:47:1c:51:f0:33:b7:76:15:08:b7:de:7f:2e:68:b0:78:61:
        25:6b:7c:4b:27:37:63:1a:89:2a:00:4f:ec:f0:ec:cf:55:a2:
        bf:11:8f:4c:8e:0f:9b:8d:65:19:49:41:ac:2c:5d:f0:34:aa:
        bb:41:f6:8f:69:a8:58:d2:08:af:56:74:6c:72:52:d7:3a:df:
        a1:07:b1:f4:2e:0f:48:15:c7:8c:ce:b3:f3:51:ee:06:5e:47:
        33:64:0b:f7:de:4e:21:94:72:40:d7:a0:c4:a0:50:74:7b:b5:
        81:29:60:d6:3b:d1:c9:ca:d8:39:e4:39:f0:0c:b2:b0:46:a6:
        fe:d8:49:78:b1:06:98:3c:15:fa:f8:d9:14:94:9c:73:e3:d3:
        d6:41:29:ff:49:f0:cc:91:89:95:83:88:b8:3f:ef:e4:5c:fe:
        69:fc:67:a1

Vulnerabilities

1 1 7

1801 / tcp

-493122983 | 2025-03-12T01:51:24.945451

\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa>b\xc1\xba\xe66\xc9B\xbb$\x88W\x1c\xe7\xb9\xb7\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

5357 / tcp

-1684583448 | 2025-03-23T15:47:04.846976

Hashes

hash

121190361

http.dom_hash

1386055181

http.html_hash

-1684583448

http.server_hash

-761617706

http.title_hash

-1682908569

Service Unavailable

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 23 Mar 2025 15:47:03 GMT
Connection: close
Content-Length: 326

47001 / tcp

1489525118 | 2025-03-23T13:47:18.106293

Hashes

hash

67962640

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 23 Mar 2025 13:47:45 GMT
Connection: close
Content-Length: 315

201.161.118.92

Last Seen: 2025-03-24

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

443 / tcp

-1645086778 | 2025-03-24T12:29:36.813716

Hashes

Microsoft IIS httpd10.0

1801 / tcp

-493122983 | 2025-03-12T01:51:24.945451

Microsoft Message Queuing

5357 / tcp

-1684583448 | 2025-03-23T15:47:04.846976

Hashes

47001 / tcp

1489525118 | 2025-03-23T13:47:18.106293

Hashes

Products

Pricing

Contact Us

201.161.118.92

Last Seen: 2025-03-24

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

443 / tcp -1645086778 | 2025-03-24T12:29:36.813716

Hashes

Microsoft IIS httpd10.0

1801 / tcp -493122983 | 2025-03-12T01:51:24.945451

Microsoft Message Queuing

5357 / tcp -1684583448 | 2025-03-23T15:47:04.846976

Hashes

47001 / tcp 1489525118 | 2025-03-23T13:47:18.106293

Hashes

Products

Pricing

Contact Us

Vulnerabilities

443 / tcp

-1645086778 | 2025-03-24T12:29:36.813716

1801 / tcp

-493122983 | 2025-03-12T01:51:24.945451

5357 / tcp

-1684583448 | 2025-03-23T15:47:04.846976

47001 / tcp

1489525118 | 2025-03-23T13:47:18.106293