Host 31.97.9.158
United States
Software information
CloudPanel 2.5.3
tcp/8443
nginx
tcp/443 tcp/80 tcp/8443
-
SSH is potenitally vulnerable
WARNING: This plugin will generate false positive and is purely informative:
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
First seen 2025-12-11 14:28
Last seen 2026-01-01 18:44
Open for 21 days-
Severity: info
Fingerprint: 3f43e0ebb5dce37ab8b59eb581e37d9f0be3b35a0be3b35a0be3b35a0be3b35aFound potentially vulnerable SSH version: SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.14 WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
Found on 2026-01-01 18:44
-
-
Open service 31.97.9.158:443 · precatorioswebtjpependentes.ativos.com
2026-01-05 08:16
HTTP/1.1 302 FOUND Server: nginx Date: Mon, 05 Jan 2026 08:16:33 GMT Content-Type: text/html; charset=utf-8 Content-Length: 217 Connection: close Location: /login?next=%2F Vary: Cookie Set-Cookie: session=eyJfZmxhc2hlcyI6W3siIHQiOlsiaW5mbyIsIkZhXHUwMGU3YSBsb2dpbiBwYXJhIGFjZXNzYXIgZXN0YSBwXHUwMGUxZ2luYS4iXX1dfQ.aVtzYQ.KDEntNwWz8zCxNRLQiY9NcYmgZU; HttpOnly; Path=/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400 Page title: Redirecting... <!doctype html> <html lang=en> <title>Redirecting...</title> <h1>Redirecting...</h1> <p>You should be redirected automatically to the target URL: <a href="/login?next=%2F">/login?next=%2F</a>. If not, click the link.
Found 2026-01-05 by HttpPluginCreate report
-
Open service 31.97.9.158:80 · precatorioswebtjpependentes.ativos.com
2026-01-05 08:16
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 05 Jan 2026 08:16:33 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://precatorioswebtjpependentes.ativos.com/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400 Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-05 by HttpPluginCreate report
-
Open service 31.97.9.158:8443 · precatorioswebtjpependentes.ativos.com
2026-01-05 08:16
HTTP/1.1 302 Found Server: nginx Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Mon, 05 Jan 2026 08:16:33 GMT Location: /login Expires: Mon, 05 Jan 2026 08:16:33 GMT Set-Cookie: locale=en; path=/; secure; httponly; samesite=lax Set-Cookie: cloudpanel=k3ctpc34ogh0pcaep32pj4909t; path=/; secure; httponly; samesite=lax Page title: Redirecting to /login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/login'" /> <title>Redirecting to /login</title> </head> <body> Redirecting to <a href="/login">/login</a>. </body> </html>Found 2026-01-05 by HttpPluginCreate report
-
Open service 31.97.9.158:8443 · precatorioswebtjpependentes.ativos.com
2026-01-05 08:16
HTTP/1.1 302 Found Server: nginx Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Mon, 05 Jan 2026 08:16:33 GMT Location: /login Expires: Mon, 05 Jan 2026 08:16:33 GMT Set-Cookie: locale=en; path=/; secure; httponly; samesite=lax Set-Cookie: cloudpanel=k3ctpc34ogh0pcaep32pj4909t; path=/; secure; httponly; samesite=lax Page title: Redirecting to /login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/login'" /> <title>Redirecting to /login</title> </head> <body> Redirecting to <a href="/login">/login</a>. </body> </html>Found 2026-01-05 by CloudPanelPluginCreate report
-
Open service 31.97.9.158:443 · clientes.imobileai.com.br
2026-01-02 13:29
HTTP/1.1 302 Found Server: nginx Date: Fri, 02 Jan 2026 13:29:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=8auepuv29gi2mdh1h3eqjug6vu; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: /login.php Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400
Found 2026-01-02 by HttpPluginCreate report
-
Open service 31.97.9.158:443 · clientes.imobileai.com.br
2026-01-02 12:13
HTTP/1.1 302 Found Server: nginx Date: Fri, 02 Jan 2026 12:13:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=a9q9dibvdkrnk1ph4gc034d99k; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: /login.php Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400
Found 2026-01-02 by HttpPluginCreate report
-
Open service 31.97.9.158:443 · api.imobileai.com.br
2026-01-02 09:41
HTTP/1.1 200 OK Server: nginx Date: Fri, 02 Jan 2026 09:41:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers: Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-API-Key Page title: API iMobileAI <!DOCTYPE html> <html lang="pt-BR"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>API iMobileAI</title> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css" rel="stylesheet"> <style> body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: linear-gradient(135deg, #2563eb, #1e40af); min-height: 100vh; display: flex; align-items: center; justify-content: center; color: #1f2937; } .container { max-width: 800px; padding: 40px; } .card { background: white; border-radius: 16px; box-shadow: 0 10px 25px rgba(0, 0, 0, 0.1); padding: 40px; text-align: center; } .logo { font-size: 48px; color: #2563eb; margin-bottom: 20px; } h1 { color: #2563eb; font-weight: 600; margin-bottom: 20px; } .description { color: #6b7280; font-size: 18px; margin-bottom: 30px; } .btn-primary { background-color: #2563eb; border-color: #2563eb; padding: 12px 30px; font-size: 18px; border-radius: 8px; transition: all 0.3s; } .btn-primary:hover { background-color: #1e40af; border-color: #1e40af; transform: translateY(-2px); } .api-info { margin-top: 30px; text-align: left; } .api-info h3 { color: #2563eb; font-size: 20px; margin-bottom: 15px; } .api-info ul { list-style: none; padding: 0; } .api-info li { margin-bottom: 10px; color: #6b7280; } .api-info code { background: #f1f5f9; padding: 4px 8px; border-radius: 4px; color: #2563eb; } </style> </head> <body> <div class="container"> <div class="card"> <div class="logo"> <i class="bi bi-phone-fill"></i> </div> <h1>API iMobileAI</h1> <p class="description"> Interface de programação para integração com o sistema de gestão de lojas de celulares. Acesse nossa documentação completa para mais informações. </p> <a href="/documentacao_api" class="btn btn-primary"> Acessar Documentação </a> <div class="api-info"> <h3>Informações Básicas</h3> <ul> <li><strong>URL Base:</strong> <code>https://api.imobileai.com.br</code></li> <li><strong>Versão:</strong> <code>1.0.0</code></li> <li><strong>Autenticação:</strong> Bearer Token ou API Key</li> <li><strong>Formato:</strong> JSON</li> <li><strong>Suporte:</strong> suporte@imobileai.com.br</li> </ul> </div> </div> </div> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 31.97.9.158:22
2026-01-01 18:44
Found 2026-01-01 by SSHOpenPluginCreate report
-
Open service 31.97.9.158:443 · apipowerbi.ativos.com
2025-12-23 04:18
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Dec 2025 04:18:38 GMT Content-Type: application/json; charset=utf-8 Content-Length: 419 Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src 'self';style-src 'self' 'unsafe-inline';script-src 'self';img-src 'self' data: https:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Strict-Transport-Security: max-age=15552000; includeSubDomains X-Content-Type-Options: nosniff X-DNS-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 Access-Control-Allow-Origin: https://powerbi.ativos.com Vary: Origin Access-Control-Allow-Credentials: true RateLimit-Policy: 10000;w=900 RateLimit-Limit: 10000 RateLimit-Remaining: 9998 RateLimit-Reset: 900 ETag: W/"1a3-DLvZdH3EYDMEGqpA/S+vVcYbH70" X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains {"success":true,"message":"API de Análise de Precatórios - Ativos Tecnologia","version":"1.0.0","endpoints":{"GET /dados":"Listar precatórios","POST /dados":"Criar precatório (n8n)","GET /dados/:npu":"Buscar por NPU","GET /relatorios":"Dados para Power BI","GET /health":"Status da API","GET /info":"Informações da API"},"documentation":"https://apipowerbi.ativos.com/docs","timestamp":"2025-12-23T04:18:38.348Z"}Found 2025-12-23 by HttpPluginCreate report
-
Open service 31.97.9.158:443 · api.imobileai.com.br
2025-12-22 17:41
HTTP/1.1 200 OK Server: nginx Date: Mon, 22 Dec 2025 17:41:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers: Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-API-Key Page title: API iMobileAI <!DOCTYPE html> <html lang="pt-BR"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>API iMobileAI</title> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css" rel="stylesheet"> <style> body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: linear-gradient(135deg, #2563eb, #1e40af); min-height: 100vh; display: flex; align-items: center; justify-content: center; color: #1f2937; } .container { max-width: 800px; padding: 40px; } .card { background: white; border-radius: 16px; box-shadow: 0 10px 25px rgba(0, 0, 0, 0.1); padding: 40px; text-align: center; } .logo { font-size: 48px; color: #2563eb; margin-bottom: 20px; } h1 { color: #2563eb; font-weight: 600; margin-bottom: 20px; } .description { color: #6b7280; font-size: 18px; margin-bottom: 30px; } .btn-primary { background-color: #2563eb; border-color: #2563eb; padding: 12px 30px; font-size: 18px; border-radius: 8px; transition: all 0.3s; } .btn-primary:hover { background-color: #1e40af; border-color: #1e40af; transform: translateY(-2px); } .api-info { margin-top: 30px; text-align: left; } .api-info h3 { color: #2563eb; font-size: 20px; margin-bottom: 15px; } .api-info ul { list-style: none; padding: 0; } .api-info li { margin-bottom: 10px; color: #6b7280; } .api-info code { background: #f1f5f9; padding: 4px 8px; border-radius: 4px; color: #2563eb; } </style> </head> <body> <div class="container"> <div class="card"> <div class="logo"> <i class="bi bi-phone-fill"></i> </div> <h1>API iMobileAI</h1> <p class="description"> Interface de programação para integração com o sistema de gestão de lojas de celulares. Acesse nossa documentação completa para mais informações. </p> <a href="/documentacao_api" class="btn btn-primary"> Acessar Documentação </a> <div class="api-info"> <h3>Informações Básicas</h3> <ul> <li><strong>URL Base:</strong> <code>https://api.imobileai.com.br</code></li> <li><strong>Versão:</strong> <code>1.0.0</code></li> <li><strong>Autenticação:</strong> Bearer Token ou API Key</li> <li><strong>Formato:</strong> JSON</li> <li><strong>Suporte:</strong> suporte@imobileai.com.br</li> </ul> </div> </div> </div> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 31.97.9.158:443 · clientes.imobileai.com.br
2025-12-22 16:21
HTTP/1.1 302 Found Server: nginx Date: Mon, 22 Dec 2025 16:21:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=t5blttqvl88i8l76nrbjq2hqhq; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: /login.php Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400
Found 2025-12-22 by HttpPluginCreate report
-
Open service 31.97.9.158:443 · clientes.imobileai.com.br
2025-12-22 15:45
HTTP/1.1 302 Found Server: nginx Date: Mon, 22 Dec 2025 15:45:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=jo2q8591d6ai2mkcvbfnla1ji3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: /login.php Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS Access-Control-Allow-Credentials: true X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin alt-svc: h3=":443"; ma=86400
Found 2025-12-22 by HttpPluginCreate report