LeakIX - Host globalcrewing.3cx.ph

Domain globalcrewing.3cx.ph

Philippines

Eastern Telecoms Phils., Inc.

Software information

Sophos Firewall

tcp/8443

nginx nginx

tcp/443 tcp/80

xxxx

tcp/8443

Sophos firewall outdated
The following Sophos firewall is publicly accessible and looks out-dated :

It is critical to update to a safe version as soon as possible since multiple CVEs allow remote attackers to DoS or achieve RCE (Remote code execution) on the firewall. Those vulnerabilities are currently used in ransomware campaign and could damage your network.

Reference:

https://www.cvedetails.com/cve/CVE-2022-1040
IP: 112.199.123.25
Domain: globalcrewing.3cx.ph
Port: 8443
URL: https://globalcrewing.3cx.ph:8443

First seen 2024-06-06 16:13
Last seen 2024-12-20 23:36
Open for 197 days
- Severity: critical
  Fingerprint: 0b25d4f0a9de5b4d45769e527b15558e7b15558e7b15558e7b15558e7b15558e
```
Found SOPHOS firewall user portal
Vulnerable to CVE-2022-1040
```
  Found on 2024-12-20 23:36
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-20 23:36

HTTP/1.1 302 Found
Date: Fri, 20 Dec 2024 23:36:05 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Sun, 19 Jan 2025 23:36:05 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found one day ago by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-20 23:36
```
Found SOPHOS firewall user portal
```
Found one day ago by SophosPlugin
Create report

Open service 112.199.123.25:443 · globalcrewing.3cx.ph

2024-12-18 22:55

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Dec 2024 22:55:52 GMT
Content-Type: text/html
Content-Length: 1703
Last-Modified: Fri, 15 Nov 2024 13:06:04 GMT
Connection: close
ETag: "6737473c-6a7"
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Security-Policy: default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self'
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: credentialless
Cache-Control: no-cache
Permissions-Policy: geolocation=(),accelerometer=(),gamepad=(),magnetometer=(),midi=(),payment=(),serial=(),xr-spatial-tracking=()
Accept-Ranges: bytes

Page title: 3CX Webclient

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta http-equiv="x-ua-compatible" content="ie=edge">
  <meta name="theme-color" content="#363535">
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.6, minimum-scale=1.0">
  <meta name="description" content="3CX">
  <title>3CX Webclient</title>

    <style media="screen" type="text/css">
        .loading {
            opacity: 1;
            position: fixed;
            height: 100%;
            width: 100%;
            top: 0;
            left: 0;
            background-color: var(--bg-tertiary, #363535);
            z-index: 1100;
        }
        .loading-finished {
            transition: opacity .3s, z-index .3s;
            opacity: 0;
            z-index: -1;
        }
        .loading img {
            position:absolute;
            top:0;
            left:0;
            right:0;
            bottom:0;
            margin:auto;
        }
    </style>

  <!-- CSS will be injected by webpack here -->
  <!-- Preload link tags will be injected by webpack here -->
  <link rel="manifest" href="manifest.webmanifest">
  <link rel="apple-touch-icon" href="assets/manifest/icon_192x192.png">
<link rel="stylesheet" href="styles.5a18f90aed8c4944.css"></head>

<body>

  <app>
  </app>

<div class="loading" id="splash-screen">
    <img src="assets/img/logo.png">
</div>

  <!-- Scripts will be injected by webpack here -->
<script src="runtime.62c2dcbb49c5c902.js" type="module"></script><script src="polyfills.680d1e78701adc84.js" type="module"></script><script src="vendor.73c0fceb6883bd59.js" type="module"></script><script src="main.dc73ccc351cd8779.js" type="module"></script></body>
</html>

Found 2024-12-18 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-18 22:55

HTTP/1.1 302 Found
Date: Wed, 18 Dec 2024 22:55:47 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Fri, 17 Jan 2025 22:55:47 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-12-18 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-18 22:55
```
Found SOPHOS firewall user portal
```
Found 2024-12-18 by SophosPlugin
Create report

Open service 112.199.123.25:80 · globalcrewing.3cx.ph

2024-12-18 22:55

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 18 Dec 2024 22:55:48 GMT
Content-Type: text/html
Content-Length: 548
Connection: close

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-12-18 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-18 18:35
```
Found SOPHOS firewall user portal
```
Found 2024-12-18 by SophosPlugin
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-18 18:35

HTTP/1.1 302 Found
Date: Wed, 18 Dec 2024 18:35:44 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Fri, 17 Jan 2025 18:35:44 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-12-18 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-14 10:07

HTTP/1.1 302 Found
Date: Sat, 14 Dec 2024 10:07:15 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Mon, 13 Jan 2025 10:07:15 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-12-14 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-14 10:07
```
Found SOPHOS firewall user portal
```
Found 2024-12-14 by SophosPlugin
Create report
Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-13 00:24
```
Found SOPHOS firewall user portal
```
Found 2024-12-13 by SophosPlugin
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-13 00:24

HTTP/1.1 302 Found
Date: Fri, 13 Dec 2024 00:24:32 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Sun, 12 Jan 2025 00:24:32 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-12-13 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-02 12:24
```
Found SOPHOS firewall user portal
```
Found 2024-12-02 by SophosPlugin
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-12-02 12:24

HTTP/1.1 302 Found
Date: Mon, 02 Dec 2024 12:24:45 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Wed, 01 Jan 2025 12:24:45 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-12-02 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-30 10:53

HTTP/1.1 302 Found
Date: Sat, 30 Nov 2024 10:53:36 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Mon, 30 Dec 2024 10:53:36 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-11-30 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-30 10:53
```
Found SOPHOS firewall user portal
```
Found 2024-11-30 by SophosPlugin
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-28 07:42

HTTP/1.1 302 Found
Date: Thu, 28 Nov 2024 07:42:17 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Sat, 28 Dec 2024 07:42:17 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-11-28 by HttpPlugin

Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-28 07:42
```
Found SOPHOS firewall user portal
```
Found 2024-11-28 by SophosPlugin
Create report
Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-21 02:03
```
Found SOPHOS firewall user portal
```
Found 2024-11-21 by SophosPlugin
Create report

Open service 112.199.123.25:8443 · globalcrewing.3cx.ph

2024-11-21 02:03

HTTP/1.1 302 Found
Date: Thu, 21 Nov 2024 02:04:05 GMT
Server: xxxx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Location: https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp
Cache-Control: max-age=2592000
Expires: Sat, 21 Dec 2024 02:04:05 GMT
Content-Length: 252
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://globalcrewing.3cx.ph/userportal/webpages/myaccount/login.jsp">here</a>.</p>
</body></html>

Found 2024-11-21 by HttpPlugin

Create report

Fingerprint:

e96da3cee3c3a46da9b702e693baef7cf99cd96e3e5ee5b33ab23c781272c166

CN:

SophosApplianceCertificate_C010013HRQX4C45

Key:

RSA-2048

Issuer:

Sophos_CA_C010013HRQX4C45

Not before:

2015-08-01 00:00

Not after:

2036-12-31 23:59

globalcrewing.3cx.ph

Fingerprint:

89401b6c4d7b07aab38e726f404ebf388afb2733a0775543b61fff74c580630e

CN:

globalcrewing.3cx.ph

Key:

RSA-2048

Issuer:

R11

Not before:

2024-12-18 21:56

Not after:

2025-03-18 21:56

Domain summary

globalcrewing.3cx.ph 20

1 recorded

IP summary

112.199.123.25 2

1 recorded

Domain globalcrewing.3cx.ph

Philippines

Software information

Sophos firewall outdated

globalcrewing.3cx.ph

Domain summary

IP summary