LeakIX - Host 116.203.2.207

Host 116.203.2.207

Germany

Hetzner Online GmbH

Software information

nginx nginx

tcp/443 tcp/80

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 116.203.2.207
Port: 22

First seen 2025-10-22 23:00
Last seen 2026-02-08 17:28
Open for 108 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb581e37d9a6fcdf7e36fcdf7e36fcdf7e36fcdf7e3
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.11
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2026-02-08 17:28
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 116.203.2.207
Domain: www.dashboard.nemo.ps
Port: 443
URL: https://www.dashboard.nemo.ps

First seen 2025-12-06 11:17
Last seen 2026-02-04 19:05
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a803e331a8ecd5335752ab0c2592b4ce32baa857

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 3, INPUT_OBJECT: 23, OBJECT: 37, SCALAR: 10)
Operations:
- Query: Query | fields: business_cards, business_cards_aggregated, business_cards_by_id, business_cards_by_version, business_cards_files
- Mutation: Mutation | fields: create_business_cards_files_item, create_business_cards_files_items, create_business_cards_item, create_business_cards_items, create_maps_poi_items
- Subscription: Subscription | fields: business_cards_files_mutated, business_cards_mutated, directus_files_mutated, directus_folders_mutated, directus_users_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0

Found on 2026-02-04 19:05

133.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 116.203.2.207
Domain: dashboard.nemo.ps
Port: 443
URL: https://dashboard.nemo.ps

First seen 2025-12-06 11:17
Last seen 2026-02-04 19:05
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a803e331a8ecd5335752ab0c2592b4ce32baa857

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 3, INPUT_OBJECT: 23, OBJECT: 37, SCALAR: 10)
Operations:
- Query: Query | fields: business_cards, business_cards_aggregated, business_cards_by_id, business_cards_by_version, business_cards_files
- Mutation: Mutation | fields: create_business_cards_files_item, create_business_cards_files_items, create_business_cards_item, create_business_cards_items, create_maps_poi_items
- Subscription: Subscription | fields: business_cards_files_mutated, business_cards_mutated, directus_files_mutated, directus_folders_mutated, directus_users_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0

Found on 2026-02-04 19:05

133.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 116.203.2.207
Domain: settings.nemo.ps
Port: 443
URL: https://settings.nemo.ps

First seen 2025-12-05 16:07
Last seen 2026-02-03 20:47
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3efa4dd3784b5cca5de7a8782d42c5629a2618209

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 3, INPUT_OBJECT: 12, OBJECT: 31, SCALAR: 9)
Operations:
- Query: Query | fields: CustomerSettings, CustomerSettings_aggregated, CustomerSettings_by_id, CustomerSettings_by_version, Usefull_tools
- Subscription: Subscription | fields: CustomerSettings_mutated, Usefull_tools_mutated, directus_files_mutated, test_workinghrs_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0

Found on 2026-02-03 20:47

128.3 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 116.203.2.207
Domain: api.crm.futureworld.ps
Port: 443
URL: https://api.crm.futureworld.ps

First seen 2025-12-05 09:46
Last seen 2026-02-03 20:46
Open for 60 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d9181c39a346585bfbe2b3f59676f8159676f815
```
GraphQL introspection enabled at /graphql
Types: 12 (by kind: ENUM: 2, OBJECT: 7, SCALAR: 3)
Operations:
- Query: Query | fields: _empty
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-02-03 20:46
  
  17.2 kBytes
Create report

Open service 116.203.2.207:80 · www.trcore.treesal.com

2026-02-09 07:44

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 09 Feb 2026 07:44:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://trcore.treesal.com/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 8 hours ago by HttpPlugin

Create report

Open service 116.203.2.207:80 · www.api-berlin.nemo.ps

2026-02-09 07:11

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 09 Feb 2026 07:11:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://accounts-api.noqta.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 9 hours ago by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.sms.treesal.com

2026-02-04 19:06

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 04 Feb 2026 19:06:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-02-04 by HttpPlugin

Create report

Open service 116.203.2.207:80 · www.api.madxgear.com

2026-02-04 19:03

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 04 Feb 2026 19:03:12 GMT
Content-Type: text/html
Content-Length: 146
Connection: close

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-02-04 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-pizzarella.nemo.ps

2026-02-04 18:59

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 04 Feb 2026 18:59:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-02-04 by HttpPlugin

Create report

Open service 116.203.2.207:443 · dashboard.nemo.ps

2026-01-23 16:27

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Jan 2026 16:27:30 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.dashboard.nemo.ps

2026-01-23 12:04

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Jan 2026 12:04:44 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api.crm.futureworld.ps

2026-01-23 11:22

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Jan 2026 11:22:29 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://raw.githubusercontent.com https://avatars.githubusercontent.com;media-src 'self';connect-src 'self' https://* wss://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-fitfuel.nemo.ps

2026-01-23 11:14

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 11:14:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api-fitfuel.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · settings.nemo.ps

2026-01-23 08:47

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Jan 2026 08:47:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-armani.nemo.ps

2026-01-23 07:44

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 07:44:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=3lfcsamtl5fmh4rtre64feik4i; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://api-armani.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api-sultanbasha.nemo.ps

2026-01-23 07:15

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 23 Jan 2026 07:15:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Retry-After: 3600

Page title: Maintenance Mode

                <!DOCTYPE html>
                <html lang="ar" style="height: 100%;" dir="rtl">
                <head>
                    <meta charset="UTF/8">
                    <meta name="viewport" content="width=device-width, initial-scale=1.0">
                    <title>Maintenance Mode</title>
                    <style>
                        @import url('https://fonts.googleapis.com/css2?family=Alexandria:wght@400&display=swap');
                        body {
                            display: flex;
                            justify-content: right;
                            align-items: center;
                            height: 100vh;
                            margin: 0;
                            background-image: linear-gradient(to left, rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.8)), url('https://styleshout.com/templates/preview/Imminent_1_0_0/images/bg-static.jpg');
                            background-size: cover;
                            background-position: center;
                            color: white;
                            font-family: Alexandria, sans-serif;
                    
                        }
                        h1 {
                            text-align: right;
                            font-size: 40px;
                            margin-right: 2%;
                            opacity: 0; /* Start with the text fully transparent */
            animation: fadeIn 2s ease-out forwards;
                        }
                        @keyframes fadeIn {
                        from { opacity: 0; }
                        to { opacity: 1; }
                            }
                    </style>
                </head>
                <body>
                    <h1>سنعود لكم بتحديث مبهر فالايام القادمة ! </h1>
                </body>
                </html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · eeps.nemo.ps

2026-01-23 05:20

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 23 Jan 2026 05:20:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Retry-After: 3600

Page title: Maintenance Mode

                <!DOCTYPE html>
                <html lang="ar" style="height: 100%;" dir="rtl">
                <head>
                    <meta charset="UTF/8">
                    <meta name="viewport" content="width=device-width, initial-scale=1.0">
                    <title>Maintenance Mode</title>
                    <style>
                        @import url('https://fonts.googleapis.com/css2?family=Alexandria:wght@400&display=swap');
                        body {
                            display: flex;
                            justify-content: right;
                            align-items: center;
                            height: 100vh;
                            margin: 0;
                            background-image: linear-gradient(to left, rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.8)), url('https://styleshout.com/templates/preview/Imminent_1_0_0/images/bg-static.jpg');
                            background-size: cover;
                            background-position: center;
                            color: white;
                            font-family: Alexandria, sans-serif;
                    
                        }
                        h1 {
                            text-align: right;
                            font-size: 40px;
                            margin-right: 2%;
                            opacity: 0; /* Start with the text fully transparent */
            animation: fadeIn 2s ease-out forwards;
                        }
                        @keyframes fadeIn {
                        from { opacity: 0; }
                        to { opacity: 1; }
                            }
                    </style>
                </head>
                <body>
                    <h1>سنعود لكم بتحديث مبهر فالايام القادمة ! </h1>
                </body>
                </html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-sultanbasha.nemo.ps

2026-01-22 23:27

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Jan 2026 23:27:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api-sultanbasha.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-22 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api-armani.nemo.ps

2026-01-22 23:21

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Jan 2026 23:22:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=1bsl6l66pgt4ohgd1ujinhbeue; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://api-armani.nemo.ps/wp-json/>; rel="https://api.w.org/"
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-22 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api.ayyam-zaman.nemo.ps

2026-01-22 22:34

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Jan 2026 22:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api.ayyam-zaman.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-22 by HttpPlugin

Create report

Open service 116.203.2.207:22

2026-01-22 17:23
Found 2026-01-22 by SSHOpenPlugin
Create report

Open service 116.203.2.207:443 · armani.nemo.ps

2026-01-21 18:57

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 21 Jan 2026 18:57:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-21 by HttpPlugin

Create report

Open service 116.203.2.207:80 · armani.nemo.ps

2026-01-21 18:57

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Jan 2026 18:57:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://accounts-api.noqta.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-21 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.armani.nemo.ps

2026-01-21 18:57

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 21 Jan 2026 18:57:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-21 by HttpPlugin

Create report

Open service 116.203.2.207:80 · www.armani.nemo.ps

2026-01-21 18:57

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Jan 2026 18:57:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://accounts-api.noqta.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-21 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api.ayyam-zaman.nemo.ps

2026-01-10 02:33

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Jan 2026 02:34:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api.ayyam-zaman.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-10 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api-sultanbasha.nemo.ps

2026-01-10 00:25

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Sat, 10 Jan 2026 00:25:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Retry-After: 3600

Found 2026-01-10 by HttpPlugin

Create report

Open service 116.203.2.207:443 · eeps.nemo.ps

2026-01-09 16:58

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 09 Jan 2026 16:58:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Retry-After: 3600

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api-frizer.nemo.ps

2026-01-09 16:05

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 09 Jan 2026 16:06:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Retry-After: 3600

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · dashboard.nemo.ps

2026-01-09 15:53

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Jan 2026 15:53:31 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api.crm.futureworld.ps

2026-01-09 13:40

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Jan 2026 13:41:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://raw.githubusercontent.com https://avatars.githubusercontent.com;media-src 'self';connect-src 'self' https://* wss://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-fitfuel.nemo.ps

2026-01-09 12:51

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 12:52:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api-fitfuel.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-armani.nemo.ps

2026-01-09 11:55

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 11:55:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=q4g6i9fhghbo1g0a7mk5p9dqqk; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://api-armani.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · settings.nemo.ps

2026-01-09 10:04

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Jan 2026 10:04:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.dashboard.nemo.ps

2026-01-09 08:21

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Jan 2026 08:21:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
Content-Security-Policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Powered-By: Directus
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Range
Location: ./admin
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubdomains


Found. Redirecting to ./admin

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-sultanbasha.nemo.ps

2026-01-09 06:56

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 06:56:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api-sultanbasha.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:80 · www.fitfuel.nemo.ps

2026-01-09 05:54

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 05:54:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://fitfuel.nemo.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · fitfuel.nemo.ps

2026-01-09 05:54

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jan 2026 05:54:56 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 53893
Connection: close
x-powered-by: Nuxt
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin


<!DOCTYPE html><html><head><meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title></title>
<style id="vuetify-theme-stylesheet">:root {
      --v-theme-background: 255,255,255;
      --v-theme-background-overlay-multiplier: 1;
      --v-theme-surface: 255,255,255;
      --v-theme-surface-overlay-multiplier: 1;
      --v-theme-surface-bright: 255,255,255;
      --v-theme-surface-bright-overlay-multiplier: 1;
      --v-theme-surface-light: 238,238,238;
      --v-theme-surface-light-overlay-multiplier: 1;
      --v-theme-surface-variant: 66,66,66;
      --v-theme-surface-variant-overlay-multiplier: 2;
      --v-theme-on-surface-variant: 238,238,238;
      --v-theme-primary: 255,255,255;
      --v-theme-primary-overlay-multiplier: 1;
      --v-theme-primary-darken-1: 31,85,146;
      --v-theme-primary-darken-1-overlay-multiplier: 2;
      --v-theme-secondary: 255,255,255;
      --v-theme-secondary-overlay-multiplier: 1;
      --v-theme-secondary-darken-1: 1,135,134;
      --v-theme-secondary-darken-1-overlay-multiplier: 1;
      --v-theme-error: 234,84,85;
      --v-theme-error-overlay-multiplier: 1;
      --v-theme-info: 0,207,232;
      --v-theme-info-overlay-multiplier: 1;
      --v-theme-success: 40,199,111;
      --v-theme-success-overlay-multiplier: 1;
      --v-theme-warning: 255,159,67;
      --v-theme-warning-overlay-multiplier: 1;
      --v-theme-header: 255,255,255;
      --v-theme-header-overlay-multiplier: 1;
      --v-theme-on-primary: 255,255,255;
      --v-theme-on-secondary: 255,255,255;
      --v-theme-on-success: 255,255,255;
      --v-theme-on-info: 255,255,255;
      --v-theme-on-warning: 255,255,255;
      --v-theme-on-background: 86,86,86;
      --v-theme-on-surface: 86,86,86;
      --v-theme-on-white: 86,86,86;
      --v-theme-grey-50: 250,250,250;
      --v-theme-grey-50-overlay-multiplier: 1;
      --v-theme-grey-100: 245,245,245;
      --v-theme-grey-100-overlay-multiplier: 1;
      --v-theme-grey-200: 238,238,238;
      --v-theme-grey-200-overlay-multiplier: 1;
      --v-theme-grey-300: 224,224,224;
      --v-theme-grey-300-overlay-multiplier: 1;
      --v-theme-grey-400: 189,189,189;
      --v-theme-grey-400-overlay-multiplier: 1;
      --v-theme-grey-500: 158,158,158;
      --v-theme-grey-500-overlay-multiplier: 1;
      --v-theme-grey-600: 117,117,117;
      --v-theme-grey-600-overlay-multiplier: 2;
      --v-theme-grey-700: 97,97,97;
      --v-theme-grey-700-overlay-multiplier: 2;
      --v-theme-grey-800: 66,66,66;
      --v-theme-grey-800-overlay-multiplier: 2;
      --v-theme-grey-900: 33,33,33;
      --v-theme-grey-900-overlay-multiplier: 2;
      --v-theme-perfect-scrollbar-thumb: 219,218,222;
      --v-theme-perfect-scrollbar-thumb-overlay-multiplier: 1;
      --v-theme-skin-bordered-background: 255,255,255;
      --v-theme-skin-bordered-background-overlay-multiplier: 1;
      --v-theme-skin-bordered-surface: 255,255,255;
      --v-theme-skin-bordered-surface-overlay-multiplier: 1;
      --v-theme-on-surface-bright: 0,0,0;
      --v-theme-on-surface-light: 0,0,0;
      --v-theme-on-primary-darken-1: 255,255,255;
      --v-theme-on-secondary-darken-1: 255,255,255;
      --v-theme-on-error: 255,255,255;
      --v-theme-on-header: 0,0,0;
      --v-theme-on-grey-50: 0,0,0;
      --v-theme-on-grey-100: 0,0,0;
      --v-theme-on-grey-200: 0,0,0;
      --v-theme-on-grey-300: 0,0,0;
      --v-theme-on-grey-400: 0,0,0;
      --v-theme-on-grey-500: 255,255,255;
      --v-theme-on-grey-600: 255,255,255;
      --v-theme-on-grey-700: 255,255,255;
      --v-theme-on-grey-800: 255,255,255;
      --v-theme-on-grey-900: 255,255,255;
      --v-theme-on-perfect-scrollbar-thumb: 0,0,0;
      --v-theme-on-skin-bordered-background: 0,0,0;
      --v-theme-on-skin-bordered-surface: 0,0,0;
      --v-border-color: 47, 43, 61;
      --v-border-opacity: 0.16;
      --v-high-emphasis-opacity: 0.78;
      --v-medium-emphasis-opacity: 0.68;
      --v-disabled-opacity: 0.42;
      --v-idle-opacity: 0.04;
      --v-hover-opacity: 0.04;
      --v-focus-opacity: 0.12;
      --v-

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.fitfuel.nemo.ps

2026-01-09 05:54

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 05:54:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://fitfuel.nemo.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:80 · fitfuel.nemo.ps

2026-01-09 05:54

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 05:54:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://fitfuel.nemo.ps/
Strict-Transport-Security: max-age=31536000; includeSubdomains

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · api-armani.nemo.ps

2026-01-09 04:45

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jan 2026 04:45:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=sclumj0lj66gjbj9vni4vvoshk; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://api-armani.nemo.ps/wp-json/>; rel="https://api.w.org/"
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api.shawrmastop.net

2026-01-09 02:42

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 02:42:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api.shawrmastop.net/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-09 by HttpPlugin

Create report

Open service 116.203.2.207:443 · www.api-frizer.nemo.ps

2026-01-08 23:31

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Jan 2026 23:31:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api-frizer.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless

Found 2026-01-08 by HttpPlugin

Create report

Open service 116.203.2.207:22

2026-01-08 14:43
Found 2026-01-08 by SSHOpenPlugin
Create report

Open service 116.203.2.207:443 · www.api.ayyam-zaman.nemo.ps

2026-01-02 22:56

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Jan 2026 22:56:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://api.ayyam-zaman.nemo.ps/
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: credentialless