Host 149.210.84.5
Greece
-
Detected HTTP traversal vulnerability
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
IP: 149.210.84.5
Port: 443
URL: https://149.210.84.5/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hostsFirst seen 2022-04-10 22:39-
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07df231d2bcf231d2bc8117f206b4436c27ccc1d846Found host file trough Directory traversal: 127.0.0.1 localhost # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 127.0.1.1 gwg
Found on 2022-04-10 22:39
-
-
Open service 149.210.84.5:80
2024-09-12 06:24
HTTP/1.1 200 OK Connection: close X-Frame-Options: SAMEORIGIN ETag: "f9d-197-62457d9f" Last-Modified: Thu, 31 Mar 2022 10:08:31 GMT Date: Thu, 12 Sep 2024 06:24:38 GMT Content-Type: text/html Content-Length: 407 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="refresh" content="0; URL=/cgi-bin/luci" /> </head> <body style="background-color: white"> <a style="color: white; text-decoration: none" href="/cgi-bin/luci">Wait for configuration</a> </body> </html>
Found 2024-09-12 by HttpPluginCreate report
-
Open service 149.210.84.5:443
2024-09-10 10:20
HTTP/1.1 200 OK Connection: close X-Frame-Options: SAMEORIGIN ETag: "f9d-197-62457d9f" Last-Modified: Thu, 31 Mar 2022 10:08:31 GMT Date: Tue, 10 Sep 2024 10:20:21 GMT Content-Type: text/html Content-Length: 407 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="refresh" content="0; URL=/cgi-bin/luci" /> </head> <body style="background-color: white"> <a style="color: white; text-decoration: none" href="/cgi-bin/luci">Wait for configuration</a> </body> </html>
Found 2024-09-10 by HttpPluginCreate report
-
Open service 149.210.84.5:8080
2024-09-10 00:33
HTTP/1.1 200 OK Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN Content-Type: text/html X-Content-Type-Options: nosniff Date: Tue, 10 Sep 2024 01:33:13 GMT ETag: 1718874671 Content-Length: 3027 X-XSS-Protection: 1; mode=block Last-Modified: Thu, 20 Jun 2024 00:06:38 GMT Connection: close Accept-Ranges: bytes Page title: logger <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no"><title class="title">logger</title><style>.mask-filter-mask{-webkit-filter:blur(6px);-moz-filter:blur(6px);-ms-filter:blur(6px);filter:blur(6px)}</style><link href="/css/app.703d5094.css" rel="preload" as="style"><link href="/js/app.86e036ee.js" rel="preload" as="script"><link href="/js/chunk-vendors.ee0f5860.js" rel="preload" as="script"><link href="/css/app.703d5094.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but <%= htmlWebpackPlugin.options.title %> doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="ROOT_Guide"></div><div id="ROOT_app"></div><div id="ROOT_update"></div><script src="/js/chunk-vendors.ee0f5860.js"></script><script src="/js/app.86e036ee.js"></script></body></html><script>!function(){if(!window.zhuge){var t=Element.prototype.addEventListener;window.zgclickhook=!0,Element.prototype.addEventListener=function(){var e=arguments[0],o=arguments[1];return"click"===e&&o&&(this.setAttribute("zgclickable",!0),this.setAttribute("zghook",parseInt(this.getAttribute("zghook")||0)+1),1===parseInt(this.getAttribute("zghook"))&&t.call(this,"click",n)),t.apply(this,arguments)};var e=Element.prototype.removeEventListener;Element.prototype.removeEventListener=function(){var t=arguments[0];this.setAttribute("zghook",parseInt(this.getAttribute("zghook")||0)-1),"click"===t&&parseInt(this.getAttribute("zghook"))<=0&&(this.removeAttribute("zgclickable"),e.call(this,t,n)),e.apply(this,arguments)},window.zhuge=[],window.zhuge.methods="_init identify track trackRevenue getDid getSid getKey setSuperProperty setUserProperties setWxProperties setPlatform".split(" "),window.zhuge.factory=function(t){return function(){var e=Array.prototype.slice.call(arguments);return e.unshift(t),window.zhuge.push(e),window.zhuge}};for(var o=0;o<window.zhuge.methods.length;o++){var i=window.zhuge.methods[o];window.zhuge[i]=window.zhuge.factory(i)}window.zhuge.load=function(t,e){if(!document.getElementById("zhuge-js")){var o=document.createElement("script"),i=new Date,n=i.getFullYear().toString()+i.getMonth().toString()+i.getDate().toString();o.type="text/javascript",o.id="zhuge-js",o.async=!0,o.src="https://analysis.isolarcloud.com/zhuge.js?v="+n,o.onerror=function(){window.zhuge.identify=window.zhuge.track=function(t,e,o){o&&"[object Function]"===Object.prototype.toString.call(o)?o():"[object Function]"===Object.prototype.toString.call(e)&&e()}};var r=document.getElementsByTagName("script")[0];r.parentNode.insertBefore(o,r),window.zhuge._init(t,e)}},window.zhuge.load("84b706e80c244744a7dbb70f6e6865f1",{superProperty:{"应用名称":"Logger1000"},adTrack:!1,zgsee:!1,autoTrack:!0,singlePage:!0,debug:!0})}function n(){window.zhuge&&window.zhuge.trackClick&&window.zhuge.trackClick(arguments[0])}}()</script>Found 2024-09-10 by HttpPluginCreate report