nginx
tcp/8002 tcp/8003 tcp/8004 tcp/8005
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: medium
Fingerprint: 831cb76b8e05df46408cd88ef7d40a7ef7d40a7ef7d40a7ef7d40a7ef7d40a7e
Indices: 1, document count: 182, size: 360.2 kB Found index goods with 182 documents (360.2 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46e756011a6f3c31f66f3c31f66f3c31f66f3c31f66f3c31f6
Indices: 1, document count: 182, size: 321.7 kB Found index goods with 182 documents (321.7 kB)
Open service 39.107.92.215:8003
2024-03-03 03:31
HTTP/1.1 200 OK Server: nginx Date: Sun, 03 Mar 2024 03:31:03 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/7.2.33 Set-Cookie: goto=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: back=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: pma_lang=en; expires=Tue, 02-Apr-2024 03:31:03 GMT; Max-Age=2592000; path=/; HttpOnly Set-Cookie: phpMyAdmin=e536qusanb3gh9sblip3er9vib; path=/; HttpOnly X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Sun, 03 Mar 2024 03:31:03 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Last-Modified: Sun, 03 Mar 2024 03:31:03 +0000 Vary: Accept-Encoding Page title: phpMyAdmin <!doctype html> <html lang="en" dir="ltr"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <style id="cfs-style">html{display: none;}</style> <link rel="icon" href="favicon.ico" type="image/x-icon"> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/jquery/jquery-ui.css"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/lib/codemirror.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/hint/show-hint.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/lint/lint.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/theme.css?v=5.0.2&nocache=4770359241ltr&server=1"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/printview.css?v=5.0.2" media="print" id="printcss"> <title>phpMyAdmin</title> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-migrate.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/whitelist.php?v=5.0.2&lang=en"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/sprintf.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/ajax.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/keyhandler.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/bootstrap/bootstrap.bundle.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/js.cookie.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.mousewheel.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.event.drag-2.2.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.validate.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui-timepicker-addon.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.ba-hashchange-1.3.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.debounce-1.0.5.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/menu_resizer.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/cross_framing_protection.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/rte.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/error_report.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/messages.php?l=en&v=5.0.2&lang=en"></script> <script data-cfasync="false" type="text/javascript" src="js/config.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/doclinks.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/functions.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/navigation.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/indexes.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/common.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/page_settings.js?v=5.0.2"></script>
Open service 39.107.92.215:8003
2024-03-02 11:53
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Mar 2024 11:53:34 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/7.2.33 Set-Cookie: goto=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: back=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: pma_lang=en; expires=Mon, 01-Apr-2024 11:53:34 GMT; Max-Age=2592000; path=/; HttpOnly Set-Cookie: phpMyAdmin=p2ap3v6n713ukjkdp232ce0bsb; path=/; HttpOnly X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Sat, 02 Mar 2024 11:53:34 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Last-Modified: Sat, 02 Mar 2024 11:53:34 +0000 Vary: Accept-Encoding Page title: phpMyAdmin <!doctype html> <html lang="en" dir="ltr"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <style id="cfs-style">html{display: none;}</style> <link rel="icon" href="favicon.ico" type="image/x-icon"> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/jquery/jquery-ui.css"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/lib/codemirror.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/hint/show-hint.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/lint/lint.css?v=5.0.2"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/theme.css?v=5.0.2&nocache=4770359241ltr&server=1"> <link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/printview.css?v=5.0.2" media="print" id="printcss"> <title>phpMyAdmin</title> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-migrate.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/whitelist.php?v=5.0.2&lang=en"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/sprintf.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/ajax.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/keyhandler.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/bootstrap/bootstrap.bundle.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/js.cookie.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.mousewheel.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.event.drag-2.2.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.validate.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui-timepicker-addon.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.ba-hashchange-1.3.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.debounce-1.0.5.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/menu_resizer.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/cross_framing_protection.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/rte.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/error_report.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/messages.php?l=en&v=5.0.2&lang=en"></script> <script data-cfasync="false" type="text/javascript" src="js/config.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/doclinks.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/functions.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/navigation.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/indexes.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/common.js?v=5.0.2"></script> <script data-cfasync="false" type="text/javascript" src="js/page_settings.js?v=5.0.2"></script>
Open service 39.107.92.215:8005
2024-03-02 09:47
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Mar 2024 09:47:17 GMT Content-Type: text/html Content-Length: 8 Last-Modified: Wed, 02 Dec 2020 14:18:48 GMT Connection: close ETag: "5fc7a248-8" Accept-Ranges: bytes 8005qima
Open service 39.107.92.215:8004
2024-03-02 07:21
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Mar 2024 07:21:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/7.2.33 <br /> <b>Warning</b>: require_once(/home/wwwroot/default/z_love/application/config/constants.php): failed to open stream: No such file or directory in <b>/home/wwwroot/default/z_love/system/core/CodeIgniter.php</b> on line <b>70</b><br /> <br /> <b>Fatal error</b>: require_once(): Failed opening required '/home/wwwroot/default/z_love/application/config/constants.php' (include_path='.:/usr/local/php/lib/php') in <b>/home/wwwroot/default/z_love/system/core/CodeIgniter.php</b> on line <b>70</b><br />
Open service 39.107.92.215:8002
2024-03-02 07:14
HTTP/1.1 404 Not Found Server: nginx Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/7.2.33 Cache-Control: no-cache, private date: Sat, 02 Mar 2024 07:15:05 GMT Access-Control-Allow-Origin: Access-Control-Allow-Headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,token Access-Control-Expose-Headers: Authorization, authenticated Access-Control-Allow-Methods: GET, POST, PATCH, PUT, OPTIONS,DELETE Access-Control-Allow-Credentials: true Page title: Page Not Found <!doctype html> <html lang="en"> <head> <title>Page Not Found</title> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <!-- Fonts --> <link rel="dns-prefetch" href="//fonts.gstatic.com"> <link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet" type="text/css"> <!-- Styles --> <style> html { line-height: 1.15; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; } body { margin: 0; } header, nav, section { display: block; } figcaption, main { display: block; } a { background-color: transparent; -webkit-text-decoration-skip: objects; } strong { font-weight: inherit; } strong { font-weight: bolder; } code { font-family: monospace, monospace; font-size: 1em; } dfn { font-style: italic; } svg:not(:root) { overflow: hidden; } button, input { font-family: sans-serif; font-size: 100%; line-height: 1.15; margin: 0; } button, input { overflow: visible; } button { text-transform: none; } button, html [type="button"], [type="reset"], [type="submit"] { -webkit-appearance: button; } button::-moz-focus-inner, [type="button"]::-moz-focus-inner, [type="reset"]::-moz-focus-inner, [type="submit"]::-moz-focus-inner { border-style: none; padding: 0; } button:-moz-focusring, [type="button"]:-moz-focusring, [type="reset"]:-moz-focusring, [type="submit"]:-moz-focusring { outline: 1px dotted ButtonText; } legend { -webkit-box-sizing: border-box; box-sizing: border-box; color: inherit; display: table; max-width: 100%; padding: 0; white-space: normal; } [type="checkbox"], [type="radio"] { -webkit-box-sizing: border-box; box-sizing: border-box; padding: 0; } [type="number"]::-webkit-inner-spin-button, [type="number"]::-webkit-outer-spin-button { height: auto; } [type="search"] { -webkit-appearance: textfield; outline-offset: -2px; } [type="search"]::-webkit-search-cancel-button, [type="search"]::-webkit-search-decoration { -webkit-appearance: none; } ::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; } menu { display: block; } canvas { display: inline-block; } template { display: none; } [hidden] { display: none; } html { -webkit-box-sizing: border-box; box-sizing: border-box; font-family: sans-serif; } *, *::before, *::after { -webkit-box-sizing: inherit; box-sizing: inherit; } p { margin: 0; } button { background: transparent; padding: 0; } button:focus { outline: 1px dotted; outline: 5px auto -webkit-focus-ring-color; } *, *::before,