Hello,
I try to harden the outbound communication from my CP server and I see it access cpupdate.mosaicdataservices.com at port 80, non secure HTTP, hence Downloads | cPanel, Inc.
IPs:
185.125.185.32 , Downloads | cPanel, Inc. (the formal resolve to the above FQDN)
110.232.143.226 , Downloads | cPanel, Inc. (no PTR)
185.15.22.168 , Downloads | cPanel, Inc. (168.22.15.185.servers.pt)
27.50.85.8 , Downloads | cPanel, Inc. (cpanel.mirror.serversaustralia.com.au)
103.17.8.8 , Downloads | cPanel, Inc. (103-17-8-8.static.ip.net.tw)
... and I guess there are more
It happens about every one minute, to several of these IP on a row.
Why is that? What is the use of this access? why not using HTTPS?
I try to harden the outbound communication from my CP server and I see it access cpupdate.mosaicdataservices.com at port 80, non secure HTTP, hence Downloads | cPanel, Inc.
IPs:
185.125.185.32 , Downloads | cPanel, Inc. (the formal resolve to the above FQDN)
110.232.143.226 , Downloads | cPanel, Inc. (no PTR)
185.15.22.168 , Downloads | cPanel, Inc. (168.22.15.185.servers.pt)
27.50.85.8 , Downloads | cPanel, Inc. (cpanel.mirror.serversaustralia.com.au)
103.17.8.8 , Downloads | cPanel, Inc. (103-17-8-8.static.ip.net.tw)
... and I guess there are more
It happens about every one minute, to several of these IP on a row.
Why is that? What is the use of this access? why not using HTTPS?
Last edited:
