LeakIX - Host 154.53.36.75

Host 154.53.36.75

United States

CONTABO-40021

Ubuntu

Software information

nginx nginx 1.18.0

tcp/443

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 154.53.36.75
Port: 22

First seen 2025-10-22 13:59
Last seen 2026-02-08 12:30
Open for 108 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb53ea6237e8f56bf578f56bf578f56bf578f56bf57
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2026-02-08 12:30
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 154.53.36.75
Domain: tobarconstruction.devgustavo.com
Port: 443
URL: https://tobarconstruction.devgustavo.com

First seen 2023-12-04 04:22
Last seen 2024-01-05 21:56
Open for 32 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522798e7284
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/gafc2001/bienes-raices.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "feature"]
	remote = origin
	merge = refs/heads/feature
```
  Found on 2024-01-05 21:56
  
  330 Bytes
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 154.53.36.75
Domain: certificados.devgustavo.com
Port: 443
URL: https://certificados.devgustavo.com

First seen 2023-05-21 06:05
Last seen 2024-01-05 19:12
Open for 229 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e74a2ec0
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/gafc2001/certificados_firmas.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[pull]
	rebase = false
```
  Found on 2024-01-05 19:12
  
  295 Bytes
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220569c4c8
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/gafc2001/certificados_firmas.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
```
  Found on 2023-05-21 06:05
  
  272 Bytes
Create report

Open service 154.53.36.75:22

2026-01-22 16:31
Found 2026-01-22 by SSHOpenPlugin
Create report

Open service 154.53.36.75:443

2026-01-21 15:18

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 21 Jan 2026 15:18:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1733
Connection: close
Access-Control-Allow-Origin: *
ETag: W/"6c5-0TdYQjwQyprEnaTtpAq+A469Q6o"

Page title: Node-RED

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="mobile-web-app-capable" content="yes">
<!--
  Copyright OpenJS Foundation and other contributors, https://openjsf.org/

  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
  You may obtain a copy of the License at

  http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<title>Node-RED</title>
<link rel="icon" type="image/png" href="favicon.ico">
<link rel="mask-icon" href="red/images/node-red-icon-black.svg" color="#8f0000">
<link rel="stylesheet" href="vendor/jquery/css/base/jquery-ui.min.css?v=3db31bac670d">
<link rel="stylesheet" href="vendor/font-awesome/css/font-awesome.min.css?v=3db31bac670d">
<link rel="stylesheet" href="red/style.min.css?v=3db31bac670d">
<link rel="stylesheet" href="vendor/monaco/style.css?v=3db31bac670d">
</head>
<body spellcheck="false">
<div id="red-ui-editor"></div>
<script src="vendor/vendor.js?v=3db31bac670d"></script>
<script src="vendor/monaco/monaco-bootstrap.js?v=3db31bac670d"></script>
<script src="red/red.min.js?v=3db31bac670d"></script>
<script src="red/main.min.js?v=3db31bac670d"></script>


</body>
</html>

Found 2026-01-21 by HttpPlugin

Create report

locksmith7.com

Fingerprint:

27ea4c2b3f9291f67d7dd14d5c0638cb8a5c9b671f60b18cb7cf4b9d976425fd

CN:

locksmith7.com

Key:

ECDSA-256

Issuer:

Not before:

2025-12-13 07:48

Not after:

2026-03-13 07:48

Domain summary

certificados.devgustavo.com 2 tobarconstruction.devgustavo.com 1

2 recorded

Host 154.53.36.75

United States

Software information

SSH is potenitally vulnerable

Git configuration and history exposed

Git configuration and history exposed

Create report

Create report

locksmith7.com

Domain summary