LeakIX - Host 188.226.235.234

Host 188.226.235.234

The Netherlands

DIGITALOCEAN-ASN

Ubuntu

Software information

nginx nginx 1.22.0

tcp/443 tcp/80

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 188.226.235.234
Port: 22

First seen 2024-07-03 19:47
Last seen 2024-11-24 00:48
Open for 143 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb522ed691452962179529621795296217952962179
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.0p1 Ubuntu-1ubuntu7.3
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2024-11-24 00:48
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 188.226.235.234
Port: 443
URL: https://188.226.235.234/_profiler/empty/search/results

First seen 2023-02-01 10:19
Last seen 2023-02-03 11:33
Open for 2 days
- Fingerprint: 407cf4363b0e62fafca67e07b4382c27b4382c27b4382c27b4382c27b4382c27
```
Symfony profiler enabled:
https://188.226.235.234/_profiler/empty/search/results
```
  Found on 2023-02-01 10:19
Create report

Open service 188.226.235.234:22

2024-11-20 01:39
Found 2024-11-20 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-11-18 00:46
Found 2024-11-18 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-11-16 01:33
Found 2024-11-16 by SSHOpenPlugin
Create report

Open service 188.226.235.234:443 · stg.stanari.troskovi.com

2024-11-02 05:28

HTTP/1.1 404 Not Found
Server: nginx/1.22.0 (Ubuntu)
Date: Sat, 02 Nov 2024 05:28:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'none'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
X-RateLimit-Limit: 0
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1730525302

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2024-11-02 by HttpPlugin

Create report

Open service 188.226.235.234:22

2024-11-01 22:40
Found 2024-11-01 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-10-31 23:41
Found 2024-10-31 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-10-30 01:20
Found 2024-10-30 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-10-21 23:58
Found 2024-10-21 by SSHOpenPlugin
Create report
Open service 188.226.235.234:22

2024-10-19 23:40
Found 2024-10-19 by SSHOpenPlugin
Create report

Open service 188.226.235.234:80 · stg.camfy.codeus.rs

2024-10-18 05:33

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 18 Oct 2024 05:33:09 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://stg.camfy.codeus.rs/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.22.0 (Ubuntu)</center>
</body>
</html>

Found 2024-10-18 by HttpPlugin

Create report

Open service 188.226.235.234:443 · stg.camfy.codeus.rs

2024-10-18 05:33

HTTP/1.1 502 Bad Gateway
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 18 Oct 2024 05:33:11 GMT
Content-Type: text/html
Content-Length: 568
Connection: close

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.22.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-10-18 by HttpPlugin

Create report

Open service 188.226.235.234:443 · stg.api.syncpage.io

2024-10-18 05:31

HTTP/1.1 404 Not Found
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 18 Oct 2024 05:31:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'none'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
X-RateLimit-Limit: 0
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1729229902

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2024-10-18 by HttpPlugin

Create report

Open service 188.226.235.234:80 · stg.api.syncpage.io

2024-10-18 05:31

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 18 Oct 2024 05:31:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://stg.api.syncpage.io/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.22.0 (Ubuntu)</center>
</body>
</html>

Found 2024-10-18 by HttpPlugin

Create report

Open service 188.226.235.234:443 · ma.update.codeus.rs

2024-10-18 05:31

HTTP/1.1 404 Not Found
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 18 Oct 2024 05:31:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: close
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'none'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
X-RateLimit-Limit: 0
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1729229902

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2024-10-18 by HttpPlugin

Create report

Open service 188.226.235.234:22

2024-10-17 23:44
Found 2024-10-17 by SSHOpenPlugin
Create report

stg.api.syncpage.io

Fingerprint:

500b3abbc8ea5a78bd4a8d5e42ba54f612467cbfcc3fb004221feb56c1cdcf99

CN:

stg.api.syncpage.io

Key:

ECDSA-256

Issuer:

Not before:

2024-09-11 03:20

Not after:

2024-12-10 03:20

stg.camfy.codeus.rs

Fingerprint:

12e31ffd4d1c1b40091bbf0e8b41b26c5b64ffd543861437e75eaea142bb1e43

CN:

stg.camfy.codeus.rs

Key:

ECDSA-256

Issuer:

Not before:

2024-10-18 04:33

Not after:

2025-01-16 04:33

Domain summary

stg.stanari.troskovi.com 0 stg.camfy.codeus.rs 1 stg.api.syncpage.io 1 ma.update.codeus.rs 0

4 recorded

Host 188.226.235.234

The Netherlands

Software information

SSH is potenitally vulnerable

Symfony developement panel enabled

stg.api.syncpage.io

stg.camfy.codeus.rs

Domain summary