Host 158.160.48.18
Russia
Software information
nginx 1.18.0
tcp/443 tcp/80
-
Redis instance is public
The Redis instance is open to the public.
This could result to data leak and code execution.
First seen 2024-09-11 13:39
Last seen 2024-12-22 00:54
Open for 101 days-
Severity: medium
Fingerprint: d606b92f1b5fdf18476e4752476e4752476e4752476e4752476e4752476e4752Redis is open with 1 keys in dbs
Found on 2024-12-22 00:541 rows -
Severity: medium
Fingerprint: d606b92f1b5fdf185732408f5732408f5732408f5732408f5732408f5732408fRedis is open with 0 keys in dbs
Found on 2024-12-19 23:58 -
Severity: medium
Fingerprint: d606b92f1b5fdf185497e6545497e6545497e6545497e6545497e6545497e654Redis is open with 3 keys in dbs
Found on 2024-11-23 23:513 rows -
Severity: medium
Fingerprint: d606b92f1b5fdf1897c596ab97c596ab97c596ab97c596ab97c596ab97c596abRedis is open with 4 keys in dbs
Found on 2024-11-03 23:384 rows
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-08-18 21:57
Last seen 2024-09-30 08:15
Open for 42 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9775a8c4eeb437dbae96bc27d6a37950aFound 5 files trough .DS_Store spidering: /icons /img /letter /logo.svg /svg
Found on 2024-09-30 08:15
-
-
Open service 158.160.48.18:80 · pass-api.theunit.ru
2024-12-19 07:31
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Thu, 19 Dec 2024 07:31:56 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://pass-api.theunit.ru/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 2024-12-19 by HttpPluginCreate report
-
Open service 158.160.48.18:443 · pass-api.theunit.ru
2024-12-19 07:31
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 19 Dec 2024 07:31:55 GMT Content-Type: text/html; charset=utf-8 Content-Length: 3064 Connection: close X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin Cross-Origin-Opener-Policy: same-origin Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Expose-Headers: Content-Length,Content-Range Page title: Page not found at / <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>Page not found at /</title> <meta name="robots" content="NONE,NOARCHIVE"> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } body * * { padding:0; } body { font:small sans-serif; background:#eee; color:#000; } body>div { border-bottom:1px solid #ddd; } h1 { font-weight:normal; margin-bottom:.4em; } h1 span { font-size:60%; color:#666; font-weight:normal; } table { border:none; border-collapse: collapse; width:100%; } td, th { vertical-align:top; padding:2px 3px; } th { width:12em; text-align:right; color:#666; padding-right:.5em; } #info { background:#f6f6f6; } #info ol { margin: 0.5em 4em; } #info ol li { font-family: monospace; } #summary { background: #ffc; } #explanation { background:#eee; border-bottom: 0px none; } pre.exception_value { font-family: sans-serif; color: #575757; font-size: 1.5em; margin: 10px 0 10px 0; } </style> </head> <body> <div id="summary"> <h1>Page not found <span>(404)</span></h1> <table class="meta"> <tr> <th>Request Method:</th> <td>GET</td> </tr> <tr> <th>Request URL:</th> <td>https://pass-api.theunit.ru/</td> </tr> </table> </div> <div id="info"> <p> Using the URLconf defined in <code>settings.urls</code>, Django tried these URL patterns, in this order: </p> <ol> <li> admin/ </li> <li> api/ </li> <li> reports/ </li> <li> sentry-debug/ </li> <li> ^static/(?P<path>.*)$ </li> <li> ^media/(?P<path>.*)$ </li> <li> swagger(?P<format>\.json|\.yaml) [name='schema-json'] </li> <li> swagger/ [name='schema-swagger-ui'] </li> <li> redoc/ [name='schema-redoc'] </li> </ol> <p> The empty path didn’t match any of these. </p> </div> <div id="explanation"> <p> You’re seeing this error because you have <code>DEBUG = True</code> in your Django settings file. Change that to <code>False</code>, and Django will display a standard 404 page. </p> </div> </body> </html>Found 2024-12-19 by HttpPluginCreate report
-
Open service 158.160.48.18:443 · pass.theunit.ru
2024-12-18 07:33
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 07:33:20 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1300 Last-Modified: Thu, 07 Nov 2024 16:25:42 GMT Connection: close ETag: "672cea06-514" Accept-Ranges: bytes Page title: UNITPASS <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <link rel="icon" type="image/svg+xml" href="/logo.svg" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" /> <meta name="theme-color" content="#FFFFFF" > <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="white"> <link rel="icon" type="image/svg+xml" href="/img/icons/UP_blue.svg" /> <link rel="apple-touch-icon" sizes="120x120" href="/img/icons/android-chrome-192x192.png" /> <link rel="apple-touch-icon" sizes="152x152" href="/img/icons/android-chrome-512x512.png" /> <link rel="preconnect" href="https://fonts.googleapis.com" /> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /> <link href="https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap" rel="stylesheet" /> <title>UNITPASS</title> <script type="module" crossorigin src="/assets/index-06ec89be.js"></script> <link rel="stylesheet" href="/assets/index-178b5aee.css"> </head> <body> <div id="app"></div> </body> </html>Found 2024-12-18 by HttpPluginCreate report
-
Open service 158.160.48.18:80 · pass.theunit.ru
2024-12-18 07:33
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 07:33:19 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://pass.theunit.ru/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 2024-12-18 by HttpPluginCreate report
-
Open service 158.160.48.18:443 · pass.theunit.ru
2024-11-28 02:57
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 28 Nov 2024 02:57:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1300 Last-Modified: Thu, 07 Nov 2024 16:25:42 GMT Connection: close ETag: "672cea06-514" Accept-Ranges: bytes Page title: UNITPASS <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <link rel="icon" type="image/svg+xml" href="/logo.svg" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" /> <meta name="theme-color" content="#FFFFFF" > <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="white"> <link rel="icon" type="image/svg+xml" href="/img/icons/UP_blue.svg" /> <link rel="apple-touch-icon" sizes="120x120" href="/img/icons/android-chrome-192x192.png" /> <link rel="apple-touch-icon" sizes="152x152" href="/img/icons/android-chrome-512x512.png" /> <link rel="preconnect" href="https://fonts.googleapis.com" /> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /> <link href="https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap" rel="stylesheet" /> <title>UNITPASS</title> <script type="module" crossorigin src="/assets/index-06ec89be.js"></script> <link rel="stylesheet" href="/assets/index-178b5aee.css"> </head> <body> <div id="app"></div> </body> </html>Found 2024-11-28 by HttpPluginCreate report
-
Open service 158.160.48.18:443
2024-11-20 14:21
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 20 Nov 2024 14:21:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 3058 Connection: close X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin Cross-Origin-Opener-Policy: same-origin Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Expose-Headers: Content-Length,Content-Range Page title: Page not found at / <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>Page not found at /</title> <meta name="robots" content="NONE,NOARCHIVE"> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } body * * { padding:0; } body { font:small sans-serif; background:#eee; color:#000; } body>div { border-bottom:1px solid #ddd; } h1 { font-weight:normal; margin-bottom:.4em; } h1 span { font-size:60%; color:#666; font-weight:normal; } table { border:none; border-collapse: collapse; width:100%; } td, th { vertical-align:top; padding:2px 3px; } th { width:12em; text-align:right; color:#666; padding-right:.5em; } #info { background:#f6f6f6; } #info ol { margin: 0.5em 4em; } #info ol li { font-family: monospace; } #summary { background: #ffc; } #explanation { background:#eee; border-bottom: 0px none; } pre.exception_value { font-family: sans-serif; color: #575757; font-size: 1.5em; margin: 10px 0 10px 0; } </style> </head> <body> <div id="summary"> <h1>Page not found <span>(404)</span></h1> <table class="meta"> <tr> <th>Request Method:</th> <td>GET</td> </tr> <tr> <th>Request URL:</th> <td>https://158.160.48.18/</td> </tr> </table> </div> <div id="info"> <p> Using the URLconf defined in <code>settings.urls</code>, Django tried these URL patterns, in this order: </p> <ol> <li> admin/ </li> <li> api/ </li> <li> reports/ </li> <li> sentry-debug/ </li> <li> ^static/(?P<path>.*)$ </li> <li> ^media/(?P<path>.*)$ </li> <li> swagger(?P<format>\.json|\.yaml) [name='schema-json'] </li> <li> swagger/ [name='schema-swagger-ui'] </li> <li> redoc/ [name='schema-redoc'] </li> </ol> <p> The empty path didn’t match any of these. </p> </div> <div id="explanation"> <p> You’re seeing this error because you have <code>DEBUG = True</code> in your Django settings file. Change that to <code>False</code>, and Django will display a standard 404 page. </p> </div> </body> </html>Found 2024-11-20 by HttpPluginCreate report