nginx
tcp/443 tcp/80
sw-cp-server
tcp/8443
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: 831cb76b8e05df463ea19ebb70c1156370c1156370c1156370c1156370c11563
Indices: 1, document count: 1, size: 4.2 kB Found index read-me with 1 documents (4.2 kB)
Severity: high
Fingerprint: 831cb76b8e05df4640f0fac62a5019532a5019532a5019532a5019532a501953
Indices: 1, document count: 1, size: 4.5 kB Found index read-me with 1 documents (4.5 kB)
Severity: high
Fingerprint: 831cb76b8e05df4698df6b90d52d8cd38dd284931477e330f304e33ee214386e
Indices: 6, document count: 9, size: 103.6 kB Found index casa with 0 documents (208 B) Found index read_me with 1 documents (4.8 kB) Found index plugin with 1 documents (4.9 kB) Found index service with 5 documents (79.4 kB) Found index api with 1 documents (7.0 kB) Found index v2 with 1 documents (7.4 kB)
Severity: high
Fingerprint: 831cb76b8e05df468d963ec680cd34818f74c6be842dd2e8c6ba7814a8de5af4
Indices: 5, document count: 4, size: 24.2 kB Found index casa with 0 documents (208 B) Found index plugin with 1 documents (4.9 kB) Found index read_me with 1 documents (4.8 kB) Found index api with 1 documents (7.0 kB) Found index v2 with 1 documents (7.4 kB)
Severity: high
Fingerprint: 831cb76b8e05df4686b6596f47984602ca0ab8f4ca0ab8f4ca0ab8f4ca0ab8f4
Indices: 2, document count: 1, size: 5.0 kB Found index casa with 0 documents (208 B) Found index read_me with 1 documents (4.8 kB)
Severity: high
Fingerprint: 831cb76b8e05df46d09a1a199259796592597965925979659259796592597965
Indices: 1, document count: 1, size: 4.8 kB Found index read_me with 1 documents (4.8 kB)
Severity: high
Fingerprint: 831cb76b8e05df46096bb04fe51d21ba1151f24f7cfc14a77cfc14a77cfc14a7
Indices: 3, document count: 1837, size: 4.6 MB Found index read_me_to_recover_database with 1 documents (5.3 kB) Found index api with 2 documents (9.6 kB) Found index fotootticamattei__product_1_v2 with 1834 documents (4.6 MB)
Severity: high
Fingerprint: 831cb76b8e05df46dd4c1768dc8852fbeb9a197beb9a197beb9a197beb9a197b
Indices: 2, document count: 1835, size: 4.6 MB Found index read_me_to_recover_database with 1 documents (5.3 kB) Found index fotootticamattei__product_1_v2 with 1834 documents (4.6 MB)
Severity: medium
Fingerprint: 831cb76b8e05df46072ce8d37d60f282478bb60eed2742bf11fd7e4824d7b8b1
Indices: 5, document count: 5, size: 26.6 kB Found index read-me-hacked-by-nightlionsecurity-lbqa7e with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-24t0s2 with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-gt3cvm with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-1nwf7i with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-f2ee37 with 1 documents (5.3 kB)
Open service 51.68.66.117:443
2024-03-02 23:02
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Mar 2024 23:03:07 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:21
2024-03-02 06:44
220 ProFTPD Server (ProFTPD) [51.68.66.117]
Open service 51.68.66.117:443
2024-03-01 22:26
HTTP/1.1 200 OK Server: nginx Date: Fri, 01 Mar 2024 22:26:44 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:80
2024-03-01 21:48
HTTP/1.1 200 OK Server: nginx Date: Fri, 01 Mar 2024 21:48:12 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:443 · tesorogroup.it
2024-02-26 16:38
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 26 Feb 2024 16:38:53 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/7.4.33 X-Redirect-By: WordPress Location: https://www.tesorogroup.it/ X-Powered-By: PleskLin
Open service 51.68.66.117:80 · tesorogroup.it
2024-02-26 16:38
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 26 Feb 2024 16:38:51 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://tesorogroup.it/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Open service 51.68.66.117:8443 · tesorogroup.it
2024-02-26 16:38
HTTP/1.1 303 See Other Server: sw-cp-server Date: Mon, 26 Feb 2024 16:38:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Fri, 28 May 1999 00:00:00 GMT Last-Modified: Mon, 26 Feb 2024 16:38:51 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: https://tesorogroup.it/login.php X-Content-Type-Options: nosniff
Open service 51.68.66.117:443
2024-02-18 17:55
HTTP/1.1 200 OK Server: nginx Date: Sun, 18 Feb 2024 17:55:16 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:80
2024-02-18 16:33
HTTP/1.1 200 OK Server: nginx Date: Sun, 18 Feb 2024 16:33:15 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:21
2024-02-17 17:38
220 ProFTPD Server (ProFTPD) [51.68.66.117]
Open service 51.68.66.117:443
2024-02-14 19:37
HTTP/1.1 200 OK Server: nginx Date: Wed, 14 Feb 2024 19:37:34 GMT Content-Type: text/html Content-Length: 432 Connection: close Last-Modified: Thu, 25 Mar 2021 03:52:02 GMT ETag: "1b0-5be54568a7c80" Accept-Ranges: bytes Vary: Accept-Encoding Page title: Web Server's Default Page <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2021. Plesk International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> You see this page because there is no Web site at this address. </body> </html>
Open service 51.68.66.117:21
2024-02-14 17:58
220 ProFTPD Server (ProFTPD) [51.68.66.117]