Apache-Coyote 1.1
tcp/80
nginx 1.10.3
tcp/81
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa1fd4d5adb393b8cdb393b8cdb393b8cdb393b8cd
NoAuth Found topic q1ney Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0efe442a583a5e2d583a5e2d583a5e2d583a5e2d
NoAuth Found topic __consumer_offsets Found topic q1ney
Open service 210.94.128.210:81
2024-04-24 13:06
HTTP/1.1 200 OK Server: nginx/1.10.3 (Ubuntu) Date: Wed, 24 Apr 2024 13:06:07 GMT Content-Type: text/html; charset=utf-8 Content-Length: 28 Connection: close 22222 Hello Q1ney 1234567890
Open service 210.94.128.210:22
2024-04-24 02:36
Open service 210.94.128.210:80
2024-04-23 05:50
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=A710BC2D9FC6A80FBB4C079087044FFE; Path=/; HttpOnly Content-Type: text/html;charset=UTF-8 Content-Length: 337 Date: Tue, 23 Apr 2024 05:50:35 GMT Connection: close Page title: BSPower Products <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>BSPower Products</title> </head> <body> <h1>Hello BSPower! This is FlexDR2! </h1> </body> </html>