LeakIX - Host 107.23.76.187

Host 107.23.76.187

United States

AMAZON-AES

Ubuntu

Software information

Grafana 9.5.2

tcp/443 tcp/80

nginx nginx 1.18.0

tcp/443 tcp/80

Grafana instance publicly available
Grafana instance is open to the public and could leak the following information :

System/internal statistics

Database backend credentials
IP: 107.23.76.187
Port: 443
URL: https://107.23.76.187

First seen 2022-11-13 21:31
Last seen 2024-12-22 00:47
Open for 769 days
- Fingerprint: afdaacf60309de55fbe6b9b48b8549118b8549118b8549118b8549118b854911
```
Read-only access:
Title: YTVN (Operator) | path: db/ytvn-operator | type: dash-db
```
  Found on 2024-12-22 00:47
- Severity: critical
  Fingerprint: afdaacf6f709cb2337d4d96bd8cc14c30bdccd3b0bdccd3b0bdccd3b0bdccd3b
```
Found vulnerable Grafana version 9.2.3:
Affected by CVE-2023-22462
Affected by CVE-2022-39328
```
  Found on 2023-05-07 02:51
- Fingerprint: afdaacf60309de55fbe6b9b422dd4bc522dd4bc522dd4bc522dd4bc522dd4bc5
```
Read-only access:
Title: YTVN | path: db/ytvn | type: dash-db
```
  Found on 2022-11-19 02:53
- Fingerprint: afdaacf60a09e95b794bffe1d37dfc4ab2004dda6a2a9f9a2ac55b062ac55b06
```
Unrestricted access:
Title: YTVN | path: db/ytvn | type: dash-db
Datasources:
Name: MySQL | type: mysql | dsn: ytvn-channel-alert-dev.cyutpj48zbnt.us-east-1.rds.amazonaws.com:3306/sys
Name: WebSocket API | type: golioth-websocket-datasource | dsn: /
```
  Found on 2022-11-13 21:31
Create report
Grafana instance publicly available
Grafana instance is open to the public and could leak the following information :

System/internal statistics

Database backend credentials
IP: 107.23.76.187
Port: 80
URL: http://107.23.76.187/api/datasources

First seen 2022-11-12 17:50
Last seen 2024-12-21 23:38
Open for 770 days
- Fingerprint: afdaacf60309de55fbe6b9b48b8549118b8549118b8549118b8549118b854911
```
Read-only access:
Title: YTVN (Operator) | path: db/ytvn-operator | type: dash-db
```
  Found on 2024-12-21 23:38
- Fingerprint: afdaacf60309de55fbe6b9b49edc3f379edc3f379edc3f379edc3f379edc3f37
```
Read-only access:
Title: YTVN (Testing) | path: db/ytvn-testing | type: dash-db
```
  Found on 2023-03-15 01:16
- Fingerprint: afdaacf60309de55fbe6b9b422dd4bc522dd4bc522dd4bc522dd4bc522dd4bc5
```
Read-only access:
Title: YTVN | path: db/ytvn | type: dash-db
```
  Found on 2022-11-13 13:20
- Fingerprint: afdaacf60a09e95b794bffe1d37dfc4ab2004dda6a2a9f9a2ac55b062ac55b06
```
Unrestricted access:
Title: YTVN | path: db/ytvn | type: dash-db
Datasources:
Name: MySQL | type: mysql | dsn: ytvn-channel-alert-dev.cyutpj48zbnt.us-east-1.rds.amazonaws.com:3306/sys
Name: WebSocket API | type: golioth-websocket-datasource | dsn: /
```
  Found on 2022-11-12 17:50
Create report
SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 107.23.76.187
Port: 22

First seen 2024-07-03 16:02
Last seen 2024-08-31 20:43
Open for 59 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb583e3d39f683fe95a683fe95a683fe95a683fe95a
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2024-08-31 20:43
Create report

Open service 107.23.76.187:443

2024-12-22 00:47

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 22 Dec 2024 00:47:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 10 hours ago by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-22 00:47
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 10 hours ago by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-12-21 23:38

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Dec 2024 23:38:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 11 hours ago by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-21 23:38
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 11 hours ago by GrafanaOpenPlugin
Create report
Open service 107.23.76.187:443

2024-12-19 23:55
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2 days ago by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-12-19 23:55

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 19 Dec 2024 23:55:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2 days ago by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-19 22:37

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 19 Dec 2024 22:37:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2 days ago by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-19 22:37
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2 days ago by GrafanaOpenPlugin
Create report
Open service 107.23.76.187:80

2024-12-17 23:55
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-17 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-12-17 23:55

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Dec 2024 23:55:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-12-17 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-17 22:08

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Dec 2024 22:08:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-12-17 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-17 22:08
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-17 by GrafanaOpenPlugin
Create report
Open service 107.23.76.187:80

2024-12-15 22:03
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-15 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-12-15 22:03

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Dec 2024 22:03:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-12-15 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-15 21:42
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-15 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-12-15 21:42

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Dec 2024 21:42:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-12-15 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-13 22:02
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-13 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-12-13 22:02

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 13 Dec 2024 22:02:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-12-13 by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-13 21:44
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-13 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-12-13 21:44

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 13 Dec 2024 21:44:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-12-13 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-11 23:35
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-11 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-12-11 23:35

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 11 Dec 2024 23:35:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-12-11 by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-11 21:39

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 11 Dec 2024 21:39:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-12-11 by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-12-11 21:39
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-11 by GrafanaOpenPlugin
Create report
Open service 107.23.76.187:80

2024-12-01 23:42
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-01 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-12-01 23:42

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 01 Dec 2024 23:42:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-12-01 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-01 21:55

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 01 Dec 2024 21:56:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-12-01 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-12-01 21:55
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-12-01 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:80

2024-11-29 22:00

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 29 Nov 2024 22:00:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Found 2024-11-29 by HttpPlugin

Create report

Open service 107.23.76.187:80

2024-11-29 22:00
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-11-29 by GrafanaOpenPlugin
Create report
Open service 107.23.76.187:443

2024-11-29 21:50
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-11-29 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-11-29 21:50

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 29 Nov 2024 21:50:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-11-29 by HttpPlugin

Create report

Open service 107.23.76.187:443

2024-11-27 22:03
```
Grafana dashboard version 9.5.2
Edition: Enterprise
```
Found 2024-11-27 by GrafanaOpenPlugin
Create report

Open service 107.23.76.187:443

2024-11-27 22:03

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 27 Nov 2024 22:03:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-store
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Found 2024-11-27 by HttpPlugin

Create report

*.yourtvnow.tvyourtvnow.tv

Fingerprint:

0955ce3b3f42fc7814ddac686ed8dd81590a5d8d8d83cc8bb4475568393ae2bf

CN:

*.yourtvnow.tv

Key:

RSA-2048

Issuer:

Go Daddy Secure Certificate Authority - G2

Not before:

2024-08-11 18:22

Not after:

2025-09-12 18:22

Domain summary

No record

Host 107.23.76.187

United States

Software information

Grafana instance publicly available

Grafana instance publicly available

SSH is potenitally vulnerable

*.yourtvnow.tvyourtvnow.tv

Domain summary