Host 20.232.228.137
United States
Software information
Microsoft-IIS 10.0
tcp/443
-
A JSON configuration file has been found
A JSON configuration file has been found at
config.json.It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
First seen 2022-09-05 12:16
Last seen 2023-02-05 01:20
Open for 152 days-
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c9a7703ed
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-9165153e279c5c4fb92c1d8aec2deacf-e0f533a4e0ca3b45-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2023-02-05T01:20:54.2292883+00:00", "body": "" }Found on 2023-02-05 01:20 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cc47097ae
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-a4caabe158e7b84dbf793b1b6b45bf37-8106962247cb0548-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2023-01-16T15:16:36.4173843+00:00", "body": "" }Found on 2023-01-16 15:16 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c7f3ff353
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-35e7e417831af243929a3e1109fc8c60-f716b0409852c94a-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-12-18T21:50:40.0187189+00:00", "body": "" }Found on 2022-12-18 21:50 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cc1d6b31c
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-5c6a2dcab3387f4da0d80328f23cecbc-deca2ab66e26a843-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-11-17T20:44:19.7581943+00:00", "body": "" }Found on 2022-11-17 20:44 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cc3bc0923
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-ac14a8453efd1a44ab376b1d8d3a60bf-1e2f58054e101c42-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-11-06T22:04:22.0047052+00:00", "body": "" }Found on 2022-11-06 22:04 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c0debb563
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-dfb8e8bf86a6d94abab3df05054e3315-cd3a089869d7704a-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-10-14T20:52:36.142748+00:00", "body": "" }Found on 2022-10-14 20:52 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c9fda013a
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-55b9063262cff64aa7a735588bb9e2ad-588043b984b3304d-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-09-30T20:04:43.4254371+00:00", "body": "" }Found on 2022-09-30 20:04 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cba50a520
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-2e425ada9dcd474a83473be3a25f7075-2383aa4b73f2bf48-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ] }, "time": "2022-09-15T14:46:34.8093816+00:00", "body": "" }Found on 2022-09-15 14:46 -
Severity: low
Fingerprint: b18befd9dd6536aa30550de520b1a681b2c544127d6d93e9bf0b4111bf22e388{ "body": "", "headers": { "Accept-Encoding": [ "gzip" ], "Connection": [ "close" ], "Host": [ "localhost:5000" ], "User-Agent": [ "l9explore/1.3.0" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "https" ], "traceparent": [ "00-1c64cd92e881e04999d6704b4f576fc9-1936c4bc8f8b9945-00" ] }, "host": "localhost:5000", "method": "GET", "path": "/config.json", "pathBase": "", "protocol": "HTTP/1.1", "query": "", "scheme": "http", "time": "2022-09-05T12:16:03.3610774+00:00" }Found on 2022-09-05 12:16668 Bytes
-
-
A JSON configuration file has been found
A JSON configuration file has been found at
config.json.It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
First seen 2022-08-06 08:52
Last seen 2023-02-03 05:07
Open for 180 days-
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c28b985a4
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-7ba5f73c32a1ff47ab2a53594e4fb7f0-648e563a32e67842-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2023-02-03T05:07:54.5420019+00:00", "body": "" }Found on 2023-02-03 05:07 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c9d85e516
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-9e40ec96cbef5f4f81bdb0ac819e68b2-62ef76d2c2cf884c-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2023-01-13T19:00:00.0505424+00:00", "body": "" }Found on 2023-01-13 18:59 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6ccfc80bf4
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-db0892611a86164fa49cd08be7a4b868-fc85f003b5adfd49-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-12-23T14:28:26.5686368+00:00", "body": "" }Found on 2022-12-23 14:28 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6ce80b1add
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-9504b6fc15a58b47a7318248b8806f9a-6422e8de62b1c347-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-12-02T19:33:46.6109813+00:00", "body": "" }Found on 2022-12-02 19:33 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c32b22f59
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-7a33992375af224286dd554d5667a7b1-04b3665da081504c-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-11-16T20:53:33.9184197+00:00", "body": "" }Found on 2022-11-16 20:53 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cc5b3153a
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-98c475b3e70ab54caa3725d8ba6ce93b-aa8ca75f8c46bf42-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-11-07T18:48:54.0748843+00:00", "body": "" }Found on 2022-11-07 18:48 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6caf14a07e
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-d9a4a2dc7551a84bbab0be11d2979cef-ca7a9e03db03c34b-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-11-03T13:31:39.6733947+00:00", "body": "" }Found on 2022-11-03 13:31 -
Severity: low
Fingerprint: b18befd9dd6536aa30550de520b1a681b2c544127d6d93e9bf0b4111d9eece05{ "body": "", "headers": { "Accept-Encoding": [ "gzip" ], "Connection": [ "close" ], "Host": [ "localhost:5000" ], "User-Agent": [ "l9explore/1.3.0" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ], "traceparent": [ "00-3acbb3241ca0c54fa987c2060692f83d-306c28fa76d16647-00" ] }, "host": "localhost:5000", "method": "GET", "path": "/config.json", "pathBase": "", "protocol": "HTTP/1.1", "query": "", "scheme": "http", "time": "2022-10-30T09:22:01.3650114+00:00" }Found on 2022-10-30 09:21667 Bytes -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6c5851217f
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-64cfeac5a5a76d4c9db20056138449ad-6f0cf9eba3abf84a-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-10-21T04:51:46.072295+00:00", "body": "" }Found on 2022-10-21 04:51 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6cc62432dd
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-a8188d06a643234ba365ee1fe881ef04-052bdcc3b4c59a4a-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-09-23T02:35:32.2447577+00:00", "body": "" }Found on 2022-09-23 02:35 -
Fingerprint: b18befd9dd6536aa30550de57182d84ee30b1f312f241a5c0b2caa6ceedd1e35
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/config.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "Go-http-client/1.1" ], "traceparent": [ "00-d9776771747dfd46b09e049b843ee987-d6c9c293cf79dc4b-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-09-09T03:51:40.1857702+00:00", "body": "" }Found on 2022-09-09 03:51 -
Severity: low
Fingerprint: b18befd9dd6536aa30550de520b1a681b2c544127d6d93e9bf0b41110f13a20e{ "body": "", "headers": { "Accept-Encoding": [ "gzip" ], "Connection": [ "close" ], "Host": [ "localhost:5000" ], "User-Agent": [ "l9explore/1.3.0" ], "X-Forwarded-For": [ "::ffff:10.92.0.4" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ], "traceparent": [ "00-9175c22e06c59e479b0314fd633bdabd-880147429742ad40-00" ] }, "host": "localhost:5000", "method": "GET", "path": "/config.json", "pathBase": "", "protocol": "HTTP/1.1", "query": "", "scheme": "http", "time": "2022-08-06T08:52:58.011882+00:00" }Found on 2022-08-06 08:52666 Bytes
-
-
Detected HTTP traversal vulnerability
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
IP: 20.232.228.137
Port: 80
URL: http://20.232.228.137/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hostsFirst seen 2022-08-06 08:52
Last seen 2022-11-14 22:11
Open for 100 days-
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49217f9681Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-1d59920bf9cdcc44ac53de55fa1dc8fe-a59dcae9fb30e141-00" ], "x-forwarded-for": [ "::ffff:10.92.0.5" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "http" ] }, "time": "2022-11-14t22:11:38.1738441+00:00", "body": "" }Found on 2022-11-14 22:11 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb4976913ef0Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-b12e7e82d0aadd46a66c0bdadbc2eadd-1f81cdc298635e47-00" ], "x-forwarded-for": [ "::ffff:10.92.0.4" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "http" ] }, "time": "2022-10-30t09:22:00.0615156+00:00", "body": "" }Found on 2022-10-30 09:21 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49ea8248e6Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-6df64bafbfbcd847ad461861b08b0335-5a7ac9c7ff454743-00" ], "x-forwarded-for": [ "::ffff:10.92.0.4" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "http" ] }, "time": "2022-08-23t07:03:43.3985274+00:00", "body": "" }Found on 2022-08-23 07:03 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb495bfc80a7Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-8c2f6ef6cf92ba499fbdce08aa752cdd-fd55a1c871128347-00" ], "x-forwarded-for": [ "::ffff:10.92.0.5" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "http" ] }, "time": "2022-08-06t08:52:56.4992183+00:00", "body": "" }Found on 2022-08-06 08:52
-
-
Detected HTTP traversal vulnerability
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
IP: 20.232.228.137
Port: 443
URL: https://20.232.228.137/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hostsFirst seen 2022-08-18 17:38
Last seen 2022-10-30 22:39
Open for 73 days-
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49f2ee18f8Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-f1ebde8a63ad1045ad2b4c4420346322-4afd291d6a27184f-00" ], "x-forwarded-for": [ "::ffff:10.92.0.4" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-10-30t22:39:24.3859659+00:00", "body": "" }Found on 2022-10-30 22:39 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49da063854Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-78afed5ee198f7489e2e3e257884dfec-04b4c6f22b8c2142-00" ], "x-forwarded-for": [ "::ffff:10.92.0.4" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-10-20t10:39:18.1033048+00:00", "body": "" }Found on 2022-10-20 10:39 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb494c38f2e1Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-4ef43def338d3c42a647f16d7f3d01d8-dd6ad49c52bc7e40-00" ], "x-forwarded-for": [ "::ffff:10.92.0.5" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-10-04t01:36:57.4105257+00:00", "body": "" }Found on 2022-10-04 01:36 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49f27d769eFound host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-e139addb39748e49953dcae0821cc2b3-5a89949f339cdc41-00" ], "x-forwarded-for": [ "::ffff:10.92.0.5" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-09-16t15:26:39.3099112+00:00", "body": "" }Found on 2022-09-16 15:26 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb49f8ddc348Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-8bb5161c5800b94ba2caee0d55cb3f16-ed3f607502b00a45-00" ], "x-forwarded-for": [ "::ffff:10.92.0.5" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-09-05t12:16:02.4326009+00:00", "body": "" }Found on 2022-09-05 12:16 -
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07d817204bccae8b529c8fa793e8f43eb4967b61610Found host file trough Directory traversal: { "protocol": "http/1.1", "method": "get", "scheme": "http", "host": "localhost:5000", "pathbase": "", "path": "/etc/hosts", "query": "", "headers": { "connection": [ "close" ], "accept-encoding": [ "gzip" ], "host": [ "localhost:5000" ], "user-agent": [ "lkx-traversalhttpplugin/0.0.1 (+https://leakix.net/, +https://twitter.com/haboubianis)" ], "traceparent": [ "00-1e64eff45407434180dd4a7f6d5cfdf8-7cb2912db2371849-00" ], "x-forwarded-for": [ "::ffff:10.92.0.4" ], "x-forwarded-host": [ "20.232.228.137" ], "x-forwarded-proto": [ "https" ] }, "time": "2022-08-18t17:38:15.7449109+00:00", "body": "" }Found on 2022-08-18 17:38
-
-
Leak detected by FirebaseHttpPlugin
No description available
First seen 2022-08-23 07:03-
Fingerprint: b17be75321b5af9cad0372ef4916ea9c836575c326b8156e3305eef227972132
{ "protocol": "HTTP/1.1", "method": "GET", "scheme": "http", "host": "localhost:5000", "pathBase": "", "path": "/.json", "query": "", "headers": { "Connection": [ "close" ], "Accept-Encoding": [ "gzip" ], "Host": [ "localhost:5000" ], "User-Agent": [ "l9explore/1.3.0" ], "traceparent": [ "00-3d247afbad436c4a8d4bedecaf1ffb2e-6d49a59d7db2aa4e-00" ], "X-Forwarded-For": [ "::ffff:10.92.0.5" ], "X-Forwarded-Host": [ "20.232.228.137" ], "X-Forwarded-Proto": [ "http" ] }, "time": "2022-08-23T07:03:45.7238516+00:00", "body": "" }Found on 2022-08-23 07:03661 Bytes
-
-
Open service 20.232.228.137:443
2024-04-25 18:06
HTTP/1.1 400 Bad Request Content-Length: 88 Content-Type: application/json; charset=utf-8 Content-Language: en Server: Microsoft-IIS/10.0 Strict-Transport-Security: max-age=2592000 request-id: 78f16340-ea5c-4f0d-a563-8ba0a5fd1094 elapsed-time: 0 Strict-Transport-Security: max-age=15724800; includeSubDomains Date: Thu, 25 Apr 2024 18:06:40 GMT Connection: close {"error":{"code":"","message":"Invalid or missing api-version query string parameter."}}Found 2024-04-25 by HttpPluginCreate report
-
Open service 20.232.228.137:443
2024-04-23 20:27
HTTP/1.1 400 Bad Request Content-Length: 88 Content-Type: application/json; charset=utf-8 Content-Language: en Server: Microsoft-IIS/10.0 Strict-Transport-Security: max-age=2592000 request-id: 6f73c143-59d2-4926-a341-87ddf45a7a68 elapsed-time: 0 Strict-Transport-Security: max-age=15724800; includeSubDomains Date: Tue, 23 Apr 2024 20:27:12 GMT Connection: close {"error":{"code":"","message":"Invalid or missing api-version query string parameter."}}Found 2024-04-23 by HttpPluginCreate report