LeakIX - Host 34.165.43.63

Host 34.165.43.63

Israel

GOOGLE-CLOUD-PLATFORM

Software information

nginx nginx 1.22.1

tcp/443

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 34.165.43.63
Domain: admin.milgo.io
Port: 443
URL: https://admin.milgo.io

First seen 2025-11-08 00:43
Last seen 2026-02-09 22:31
Open for 93 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6571aeb47788bd0753afcfb6a7b51f14c1a94625c

GraphQL introspection enabled at /api/graphql
Types: 474 (by kind: ENUM: 12, INPUT_OBJECT: 386, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-02-09 22:31

754.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d67813b5f6abf3ede61e7618a125bd16dbdfcf74e7

GraphQL introspection enabled at /api/graphql
Types: 468 (by kind: ENUM: 12, INPUT_OBJECT: 380, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-12-16 16:55

735.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6764762ebb2aa24a94cfaaebe8c562810569d4258

GraphQL introspection enabled at /api/graphql
Types: 483 (by kind: ENUM: 12, INPUT_OBJECT: 394, OBJECT: 66, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-23 03:28

781.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
Found on 2025-11-21 04:30

Create report

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 34.165.43.63
Port: 22

First seen 2025-12-11 13:12
Last seen 2026-02-08 13:12
Open for 59 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb563aa8aa9f94cd0d0f94cd0d0f94cd0d0f94cd0d0
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u7
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2026-02-08 13:12
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 34.165.43.63
Port: 443
URL: https://34.165.43.63

First seen 2025-12-09 22:49
Last seen 2026-02-01 15:40
Open for 53 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6571aeb47788bd0753afcfb6a7b51f14c1a94625c

GraphQL introspection enabled at /api/graphql
Types: 474 (by kind: ENUM: 12, INPUT_OBJECT: 386, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-02-01 15:40

754.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d67813b5f6abf3ede61e7618a125bd16dbdfcf74e7

GraphQL introspection enabled at /api/graphql
Types: 468 (by kind: ENUM: 12, INPUT_OBJECT: 380, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-12-16 02:21

735.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 34.165.43.63
Domain: main.milgo.io
Port: 443
URL: https://main.milgo.io

First seen 2025-11-03 09:47
Last seen 2026-01-23 12:49
Open for 81 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6571aeb47788bd0753afcfb6a7b51f14c1a94625c

GraphQL introspection enabled at /api/graphql
Types: 474 (by kind: ENUM: 12, INPUT_OBJECT: 386, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-23 12:49

754.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
Found on 2026-01-02 22:23

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d67813b5f6abf3ede61e7618a125bd16dbdfcf74e7

GraphQL introspection enabled at /api/graphql
Types: 468 (by kind: ENUM: 12, INPUT_OBJECT: 380, OBJECT: 65, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-12-13 17:00

735.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6764762ebb2aa24a94cfaaebe8c562810569d4258

GraphQL introspection enabled at /api/graphql
Types: 483 (by kind: ENUM: 12, INPUT_OBJECT: 394, OBJECT: 66, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: account, accountGroup, accountGroups, accounts, accountsCount
- Mutation: Mutation | fields: createAccount, createAccounts, deleteAccount, updateAccount, updateAccounts
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-23 11:23

779.2 kBytes

Create report

Open service 34.165.43.63:443 · admin.milgo.io

2026-01-23 12:59

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 23 Jan 2026 12:59:41 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-23 by HttpPlugin

Create report

Open service 34.165.43.63:443 · main.milgo.io

2026-01-23 12:49

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 23 Jan 2026 12:49:26 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-23 by HttpPlugin

Create report

Open service 34.165.43.63:443

2026-01-22 17:27

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Thu, 22 Jan 2026 17:27:35 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-22 by HttpPlugin

Create report

Open service 34.165.43.63:22

2026-01-22 12:24
Found 2026-01-22 by SSHOpenPlugin
Create report

Open service 34.165.43.63:443 · admin.milgo.io

2026-01-10 01:49

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Sat, 10 Jan 2026 01:49:18 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-10 by HttpPlugin

Create report

Open service 34.165.43.63:443 · main.milgo.io

2026-01-09 16:00

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 09 Jan 2026 16:00:33 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-09 by HttpPlugin

Create report

Open service 34.165.43.63:443

2026-01-08 17:51

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Thu, 08 Jan 2026 17:51:59 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-08 by HttpPlugin

Create report

Open service 34.165.43.63:22

2026-01-08 15:26
Found 2026-01-08 by SSHOpenPlugin
Create report

Open service 34.165.43.63:443 · admin.milgo.io

2026-01-03 00:20

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Sat, 03 Jan 2026 00:20:21 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-03 by HttpPlugin

Create report

Open service 34.165.43.63:443 · main.milgo.io

2026-01-02 19:21

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 02 Jan 2026 19:21:08 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-02 by HttpPlugin

Create report

Open service 34.165.43.63:443

2026-01-01 19:06

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Thu, 01 Jan 2026 19:06:16 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2026-01-01 by HttpPlugin

Create report

Open service 34.165.43.63:22

2026-01-01 15:28
Found 2026-01-01 by SSHOpenPlugin
Create report

Open service 34.165.43.63:443 · main.milgo.io

2025-12-23 04:54

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Tue, 23 Dec 2025 04:54:51 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2025-12-23 by HttpPlugin

Create report

Open service 34.165.43.63:443 · admin.milgo.io

2025-12-23 01:20

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Tue, 23 Dec 2025 01:20:06 GMT
Content-Length: 0
Connection: close
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src: * 'unsafe-inline';
Permissions-Policy: interest-cohort=()
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Cache-Control: no-cache, max-age=0
Location: /signin

Found 2025-12-23 by HttpPlugin

Create report

admin.milgo.io

Fingerprint:

348ff5c998d9af8bc7216b51975d5add1e610f1b4c9ca1e763473d51f2ca1c40

CN:

admin.milgo.io

Key:

ECDSA-256

Issuer:

Not before:

2026-01-07 10:29

Not after:

2026-04-07 10:29

main.milgo.io

Fingerprint:

5945a3d5008c52bd33d14f213911f6f42d425694c3cd3e431371ae1a7d157dd8

CN:

main.milgo.io

Key:

ECDSA-256

Issuer:

Not before:

2026-01-02 21:24

Not after:

2026-04-02 21:23

admin.milgo.io

Fingerprint:

d362e8fd9b96eff940ee01d02e88b70533202d8f8992ea98fe6fa70e1d280d53

CN:

admin.milgo.io

Key:

ECDSA-256

Issuer:

Not before:

2025-11-07 23:45

Not after:

2026-02-05 23:45

main.milgo.io

Fingerprint:

1054fcfb54f97bf8d550cd4e09860b32ee04e263b0fab6e737135972a5aa0e84

CN:

main.milgo.io

Key:

ECDSA-256

Issuer:

Not before:

2025-11-03 08:48

Not after:

2026-02-01 08:48

Domain summary

admin.milgo.io 7 main.milgo.io 7

2 recorded

Host 34.165.43.63

Israel

Software information

GraphQL introspection is enabled.

SSH is potenitally vulnerable

GraphQL introspection is enabled.

GraphQL introspection is enabled.

admin.milgo.io

main.milgo.io

admin.milgo.io

main.milgo.io

Domain summary