GeneralInformation

Hostnames	ftp.cloud.hostpoint.ch web.hostpoint.ch sl2509.web.hostpoint.ch
Domains	hostpoint.ch
Country	Switzerland
City	Zürich
Organization	Hostpoint AG, Switzerland
ISP	Hostpoint AG
ASN	AS29097

WebTechnologies

JavaScript libraries

jQuery

Modernizr

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26466

5.9A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

OpenPorts

21 22 80 443

21 / tcp

-1892930093 | 2025-03-29T11:13:57.232666

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 300 allowed.
220-Local time is now 12:13. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
 ALIAS
 CHMOD
 IDLE
 UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
 UTF8
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 PRET
 AUTH TLS
 PBSZ
 PROT
 TVFS
 ESTA
 PASV
 EPSV
 ESTP
211 End.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c5:49:46:0f:cb:86:8a:29:e3:d0:1b:03:49:6a:67:66
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Feb 26 00:00:00 2025 GMT
            Not After : Mar 24 23:59:59 2026 GMT
        Subject: CN=*.ftp.cloud.hostpoint.ch
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:eb:b7:0f:ec:2a:be:5f:29:c0:1e:72:c4:f9:c5:
                    db:1d:f1:5f:6c:11:44:f9:5d:d2:85:f9:d1:7c:be:
                    11:a8:aa:0b:16:d1:b7:b1:a8:c9:32:82:44:50:bd:
                    97:9a:65:98:79:9d:4d:42:41:dc:7b:b8:ff:a7:69:
                    0d:6a:bd:fb:11:de:71:62:dd:b8:ed:4e:50:c1:d4:
                    3a:47:43:94:34:40:bb:74:a7:ae:83:5a:01:71:4d:
                    b2:25:80:42:14:c6:5c:20:1f:47:f9:83:27:48:b9:
                    32:e9:98:fa:df:8d:a2:f0:67:13:a1:1c:5d:ae:53:
                    af:0f:7c:b7:f1:7b:4b:f5:45:e9:c5:bf:3b:51:f3:
                    60:04:0b:48:46:2d:ec:a7:16:ad:a7:9a:7a:84:a1:
                    69:3b:46:ba:8c:a7:9b:a3:fc:3a:0e:22:6b:32:3f:
                    fe:f6:51:15:4e:4e:2d:12:b4:1f:45:6d:55:de:e1:
                    17:3a:2e:3b:04:6f:c4:91:b9:47:e0:34:79:f2:04:
                    93:c7:b3:a3:67:a2:ef:0e:4a:a8:d5:27:b6:a6:14:
                    1f:45:70:2b:28:26:6b:b1:ac:33:a3:36:0c:0c:10:
                    d8:6c:8a:61:a3:ea:51:4d:82:7f:b2:e6:1b:b2:41:
                    7d:32:df:25:22:33:41:f5:b1:79:3c:32:45:7d:04:
                    c5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                F5:D1:24:6E:90:21:6A:CF:E7:33:0C:AB:AB:F8:11:AD:6F:5C:90:48
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.ftp.cloud.hostpoint.ch, DNS:ftp.cloud.hostpoint.ch
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 96:97:64:BF:55:58:97:AD:F7:43:87:68:37:08:42:77:
                                E9:F0:3A:D5:F6:A4:F3:36:6E:46:A4:3F:0F:CA:A9:C6
                    Timestamp : Feb 26 09:51:58.793 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5B:AC:A4:89:E4:17:70:FE:6E:6E:8B:27:
                                99:38:F6:3C:5C:7A:B2:03:B4:0B:05:11:01:60:35:D9:
                                A3:F8:1D:AE:02:21:00:87:27:66:54:B9:7A:F5:25:77:
                                15:B9:7D:71:29:EE:36:6B:A8:2C:28:ED:78:BD:1B:B1:
                                F8:0B:2B:A3:61:BC:68
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:86:D4:C7:28:AA:6F:FE:BA:03:6F:78:2A:4D:01:91:
                                AA:CE:2D:72:31:0F:AE:CE:5D:70:41:2D:25:4C:C7:D4
                    Timestamp : Feb 26 09:51:58.684 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D2:29:EF:39:42:61:7D:B7:32:65:19:
                                C6:E7:E2:50:0C:72:1C:41:FF:95:BC:51:A8:1B:D6:A7:
                                2F:BC:CA:69:5C:02:21:00:C3:27:F8:42:F9:D8:B4:E5:
                                6F:4E:6D:68:8C:7B:20:1D:1D:17:86:A8:F8:10:6E:7F:
                                0B:E7:09:37:5E:25:B4:75
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
                                F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
                    Timestamp : Feb 26 09:51:58.730 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A1:5E:18:7A:3A:68:E0:8D:39:13:69:
                                31:FC:05:1B:1F:39:92:B4:7E:5C:B0:9E:CB:82:98:A0:
                                0E:35:77:C2:DD:02:21:00:9F:90:46:51:24:E2:5B:F4:
                                6D:BC:59:1E:EC:4E:4D:8B:BB:E9:5B:68:DB:A4:08:6A:
                                82:B3:1A:E8:37:A9:EC:71
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        37:95:d3:52:3f:f8:43:e6:98:46:40:2a:26:93:24:01:c4:b2:
        9e:47:55:98:db:b9:95:4a:c2:84:8b:59:ab:e2:5b:8a:a1:ba:
        65:2b:a4:af:2b:70:45:db:d3:79:c0:07:f3:8d:90:e6:00:f5:
        34:72:1d:e2:3e:1b:a9:5a:79:f2:fe:98:a6:8d:96:ac:6d:62:
        78:f8:f5:89:3a:3a:1a:22:02:db:a2:10:47:e7:69:96:b7:11:
        95:eb:b4:cd:ef:49:e9:91:9d:3c:58:a3:90:a3:25:14:b5:3d:
        21:6a:19:05:4a:90:86:c8:8d:00:2c:a2:04:40:19:e8:94:04:
        2a:41:29:6f:10:a9:df:f7:fa:fa:38:96:77:56:c9:f8:15:18:
        ff:5d:0d:3e:a7:45:d3:ce:2f:6e:cb:5e:79:c2:77:1b:69:80:
        65:63:48:35:e7:05:d5:4a:a9:11:f1:ef:94:c3:66:f6:5d:41:
        37:da:45:6e:c5:2d:51:a9:83:11:96:a4:5c:56:cb:ec:dc:e9:
        6a:06:32:1e:7a:51:64:c7:df:24:cb:13:7d:63:43:39:b4:c0:
        14:37:12:14:81:63:5b:39:dc:b6:ac:67:72:f8:92:92:f7:07:
        13:19:7e:1a:22:6e:7d:88:d6:33:d4:c8:91:c1:36:92:0e:6c:
        3b:52:c6:88

22 / tcp

644759199 | 2025-03-09T17:28:12.490887

SSH-2.0-OpenSSH_9.7 FreeBSD-20240806
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDKoTVNAwlboST1VslSWSfn/nCiCq5eGDlpwVvh64XBWnGW
RAMtDn1YSnEGZBcVerir+RjF+zUhImOEsEymR+i0W+sP4Vw57uPRK9jmAwfAXkvbgXdm4+lbJG/o
GTjeot4XEf8pj6HnU6M+NGaHgtaaIzXjr/bfDeghHU8rN0aI1irBjZJMGaJ1Zf/GWb5hwC0yYXAo
Hbt8oHB8uYXke9ShIRpR+MAnHoJrMwSbsRyE9E7jRlOKrIWsMH+we0vkDfro9FHVwM84JN7wCFga
SWSyiaVFtJqopd5lFsx5b7fgbvhhRn15nne90TGQ4thl2B8h4qsiilGCZghJWIIrPO5Z
Fingerprint: bc:c4:66:90:9b:a6:cf:2b:70:05:6d:72:b3:1c:0f:b4

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256@libssh.org
	diffie-hellman-group-exchange-sha256
	ext-info-s
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	rsa-sha2-512-cert-v01@openssh.com
	rsa-sha2-256-cert-v01@openssh.com
	ssh-rsa-cert-v01@openssh.com
	ssh-ed25519
	ssh-ed25519-cert-v01@openssh.com

Encryption Algorithms:
	aes256-gcm@openssh.com
	aes128-gcm@openssh.com
	aes256-ctr
	aes192-ctr
	aes128-ctr

MAC Algorithms:
	hmac-sha2-512-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-512
	hmac-sha2-256
	umac-128@openssh.com

Compression Algorithms:
	none
	zlib@openssh.com

Vulnerabilities

80 / tcp

951121787 | 2025-03-26T20:59:49.510596

Hashes

hash

-1786108912

http.dom_hash

1003723270

http.favicon.hash

55290367

http.html_hash

951121787

http.robots_hash

-1316422146

http.server_hash

869690771

Seite nicht verfügbar

HTTP/1.1 500 Internal Server Error
Date: Wed, 26 Mar 2025 20:59:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

443 / tcp

951121787 | 2025-04-01T22:51:30.142465

Hashes

hash

1181137791

http.dom_hash

1003723270

http.favicon.hash

55290367

http.html_hash

951121787

http.robots_hash

-1316422146

http.server_hash

869690771

Seite nicht verfügbar

HTTP/1.1 500 Internal Server Error
Date: Tue, 01 Apr 2025 22:51:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:53:51:2f:65:4e:31:cb:d9:f0:b4:77:d8:9d:fa:1b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
        Validity
            Not Before: Jul 22 00:00:00 2024 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: C=CH, ST=Sankt Gallen, O=Hostpoint AG, CN=*.web.hostpoint.ch
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ab:43:3c:79:95:c7:ac:34:9c:f4:7b:87:de:4f:
                    45:91:07:42:01:46:b8:9e:ae:86:67:ec:30:3a:92:
                    5d:b2:d3:4d:f9:cc:17:21:f1:5f:d8:66:b7:26:6a:
                    64:cd:d5:8a:3b:46:50:89:a7:dd:04:51:c6:90:5c:
                    a6:73:bf:7d:1a:61:f0:d3:9e:ec:f4:ed:a9:af:f9:
                    2f:f6:29:f7:e9:d2:f0:4d:96:9c:0c:6d:f5:2e:6d:
                    4d:ae:33:83:28:7e:62:79:47:01:55:3a:c1:e6:0e:
                    d0:2c:2f:8a:72:9c:cf:89:49:9e:85:8d:2f:89:6a:
                    eb:8d:01:5e:12:ab:e2:b1:6f:fb:b7:d6:5d:99:6e:
                    af:38:ae:48:68:35:b1:95:34:9c:3f:4e:65:4e:d8:
                    a5:2a:78:c0:cc:6b:8c:cf:e8:3a:8a:b0:a1:dd:b1:
                    01:c4:0f:d8:ec:fa:cd:58:c5:c8:7c:64:7e:0a:ee:
                    68:f5:9b:31:3d:17:12:8a:26:4c:cd:0c:07:44:47:
                    49:bf:bb:d8:34:97:c1:8d:1d:74:0e:75:93:b7:68:
                    92:ca:74:43:02:35:72:1b:68:1d:d4:68:17:65:11:
                    32:22:a3:80:fc:da:8d:b2:aa:4a:6f:98:06:c8:f2:
                    5e:01:4f:bd:19:bf:ac:25:e8:d0:ab:08:0f:dd:fa:
                    ca:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
            X509v3 Subject Key Identifier: 
                28:72:19:6D:95:CE:19:B1:40:20:6F:06:EA:B7:54:E2:1F:12:EE:19
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.web.hostpoint.ch, DNS:web.hostpoint.ch
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
                                3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
                    Timestamp : Jul 22 11:59:51.258 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8B:94:28:3E:EE:A6:6A:A8:84:97:15:
                                B7:6C:51:0E:27:0A:8F:93:47:5C:51:57:B4:8C:67:91:
                                72:4D:84:EA:1C:02:20:27:46:2B:33:26:13:7C:36:37:
                                42:E4:40:89:97:FF:01:39:BF:2E:F8:7B:BE:69:1D:8F:
                                97:E5:A8:11:22:3D:59
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jul 22 11:59:51.151 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B5:35:D3:CE:BB:4C:83:5B:B0:54:6F:
                                44:0F:26:ED:12:43:C6:21:94:AA:2F:01:1E:E5:26:B4:
                                5B:17:17:48:70:02:21:00:FD:FB:F8:8C:C2:3D:89:B1:
                                2F:C3:23:4E:28:CA:2D:88:C3:B1:E7:AE:1B:3E:F2:24:
                                0E:C2:66:33:98:0D:01:B8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jul 22 11:59:51.151 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F1:FD:20:51:5B:40:1D:C9:80:39:FC:
                                77:13:B0:60:02:04:00:36:7A:17:FA:9E:33:0E:FE:9B:
                                52:2E:B1:A4:BE:02:21:00:D5:F1:BF:C3:BE:AE:91:C1:
                                92:78:39:A0:F0:91:1D:03:C6:93:C0:1E:EE:41:50:A2:
                                22:F8:79:B8:3C:08:07:C9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        38:83:40:7b:4e:db:0d:d0:1b:78:ea:de:68:ef:6d:4c:82:db:
        ab:7f:28:dc:99:6d:ae:e6:ae:bd:2d:c7:4e:61:ef:39:91:05:
        fa:22:e3:71:a6:22:62:ea:a6:cc:a5:a1:b3:28:61:4e:7e:33:
        76:c3:25:ce:05:45:36:ec:aa:e7:8a:03:e9:c5:d3:7b:50:6e:
        a4:9f:fd:ee:af:09:e5:06:9d:d8:d7:15:d0:40:e6:d0:99:aa:
        02:19:97:4d:4c:0a:e5:6c:b0:ee:33:83:16:9d:2f:81:76:46:
        e2:e8:cc:02:fb:86:5b:df:f7:96:73:83:92:b4:b6:9f:1a:02:
        87:59:b2:19:6f:7a:9c:46:52:df:d9:3c:bc:18:5a:f5:11:de:
        65:7f:40:e3:5b:35:e1:ce:16:4b:77:d2:0d:43:4a:c1:ea:e3:
        67:1e:7a:22:ce:89:ca:c4:fc:c9:a1:d3:d2:66:73:75:5d:7d:
        e3:5a:a0:cd:d4:7d:24:d9:77:4b:ed:70:ad:f1:27:ff:16:0a:
        c5:cd:3a:30:d6:90:9d:b2:1e:12:a7:d4:1d:a3:71:ad:df:a0:
        5d:bc:c0:ce:f5:6d:68:35:3f:26:38:c6:ef:43:68:82:a3:d4:
        d4:b4:db:a3:e7:ab:0f:b2:50:92:3e:09:ff:5c:24:30:4e:7c:
        8d:25:8a:8b

217.26.55.36

Last Seen: 2025-04-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

21 / tcp

-1892930093 | 2025-03-29T11:13:57.232666

Pure-FTPd

22 / tcp

644759199 | 2025-03-09T17:28:12.490887

OpenSSH9.7

80 / tcp

951121787 | 2025-03-26T20:59:49.510596

Hashes

Apache httpd

443 / tcp

951121787 | 2025-04-01T22:51:30.142465

Hashes

Apache httpd

Products

Pricing

Contact Us

217.26.55.36

Last Seen: 2025-04-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 22 Latest CVSS

OpenPorts

21 / tcp -1892930093 | 2025-03-29T11:13:57.232666

Pure-FTPd

22 / tcp 644759199 | 2025-03-09T17:28:12.490887

OpenSSH9.7

80 / tcp 951121787 | 2025-03-26T20:59:49.510596

Hashes

Apache httpd

443 / tcp 951121787 | 2025-04-01T22:51:30.142465

Hashes

Apache httpd

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-1892930093 | 2025-03-29T11:13:57.232666

22 / tcp

644759199 | 2025-03-09T17:28:12.490887

80 / tcp

951121787 | 2025-03-26T20:59:49.510596

443 / tcp

951121787 | 2025-04-01T22:51:30.142465