LeakIX - Host 71.231.56.79

Host 71.231.56.79

United States

COMCAST-7922

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 71.231.56.79
Port: 22

First seen 2025-12-10 05:52
Last seen 2026-01-22 12:49
Open for 43 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb563aa8aa9f94cd0d0f94cd0d0f94cd0d0f94cd0d0
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u7
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2026-01-22 12:49
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 71.231.56.79
Domain: js.zlyxy.me
Port: 443
URL: https://js.zlyxy.me

First seen 2026-01-08 22:48
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-08 22:48
Create report

Open service 71.231.56.79:22

2026-01-22 12:49
Found 2026-01-22 by SSHOpenPlugin
Create report

Open service 71.231.56.79:80 · prr.zlyxy.me

2026-01-11 01:15

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:15:13 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:443 · tdrr.zlyxy.me

2026-01-11 01:15

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:15:09 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · tdrr.zlyxy.me

2026-01-11 01:15

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:15:09 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:443 · qb.zlyxy.me

2026-01-11 01:13

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:13:12 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=86400
Strict-Transport-Security: max-age=63072000; preload

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · pve.zlyxy.me

2026-01-11 01:06

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:07:00 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · omv.zlyxy.me

2026-01-11 01:03

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 01:03:56 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · home.zlyxy.me

2026-01-11 00:57

HTTP/1.1 308 Permanent Redirect
Date: Sun, 11 Jan 2026 00:57:37 GMT
Content-Type: text/html
Content-Length: 136
Connection: close
Location: https://home.zlyxy.me/
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:443 · home.zlyxy.me

2026-01-11 00:57

HTTP/1.1 200 OK
Date: Sun, 11 Jan 2026 00:57:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 5949
Connection: close
Vary: Accept-Encoding
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-DNS-Prefetch-Control: off
X-Permitted-Cross-Domain-Policies: none
Alt-Svc: h3=":443"; ma=86400
Strict-Transport-Security: max-age=63072000; preload

Page title: Home Assistant

<!DOCTYPE html><html><head><title>Home Assistant</title><meta charset="utf-8"><link rel="manifest" href="/manifest.json" crossorigin="use-credentials"><link rel="icon" href="/static/icons/favicon.ico"><link rel="modulepreload" href="/frontend_latest/core.7f2afef49a3817b9.js" crossorigin="use-credentials"><link rel="modulepreload" href="/frontend_latest/app.fbbdf6702592824b.js" crossorigin="use-credentials"><link rel="mask-icon" href="/static/icons/mask-icon.svg" color="#18bcf2"><link rel="apple-touch-icon" href="/static/icons/favicon-apple-180x180.png"><meta name="apple-itunes-app" content="app-id=1099568401"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="default"><meta name="apple-mobile-web-app-title" content="Home Assistant"><meta name="msapplication-config" content="/static/icons/browserconfig.xml"><meta name="mobile-web-app-capable" content="yes"><meta name="application-name" content="Home Assistant"><meta name="referrer" content="same-origin"><meta name="theme-color" content="#2980b9"><meta name="color-scheme" content="dark light"><meta name="viewport" content="width=device-width,user-scalable=no,viewport-fit=cover,initial-scale=1"><style>body{font-family:Roboto,Noto,sans-serif;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-weight:400;margin:0;padding:0;height:100%}</style><style>@keyframes fade-out{from{opacity:1}to{opacity:0}}::view-transition-group(launch-screen){animation-duration:var(--ha-animation-base-duration, 350ms);animation-timing-function:ease-out}::view-transition-old(launch-screen){animation:fade-out var(--ha-animation-base-duration,350ms) ease-out}html{background-color:var(--primary-background-color,#fafafa);color:var(--primary-text-color,#212121);height:100vh}#ha-launch-screen{position:fixed;top:0;left:0;right:0;bottom:0;width:100%;height:100%;display:flex;flex-direction:column;justify-content:center;align-items:center;view-transition-name:launch-screen;background-color:var(--primary-background-color,#fafafa);z-index:100}#ha-launch-screen.removing{opacity:0}#ha-launch-screen svg{width:112px;flex-shrink:0}#ha-launch-screen .ha-launch-screen-spacer-top{flex:1;margin-top:calc(2 * max(var(--safe-area-inset-top,0px),48px) + 46px);padding-top:48px}#ha-launch-screen .ha-launch-screen-spacer-bottom{flex:1;padding-top:48px}.ohf-logo{margin:max(var(--safe-area-inset-bottom,0px),48px) 0;display:flex;flex-direction:column;align-items:center;opacity:.66}@media (prefers-color-scheme:dark){html{background-color:var(--primary-background-color,#111);color:var(--primary-text-color,#e1e1e1)}body #ha-launch-screen{background-color:var(--primary-background-color,#111)}.ohf-logo{filter:invert(1)}}</style></head><body><div id="ha-launch-screen"><div class="ha-launch-screen-spacer-top"></div><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 240 240"><path fill="#18BCF2" d="M240 224.762a15 15 0 0 1-15 15H15a15 15 0 0 1-15-15v-90c0-8.25 4.77-19.769 10.61-25.609l98.78-98.7805c5.83-5.83 15.38-5.83 21.21 0l98.79 98.7895c5.83 5.83 10.61 17.36 10.61 25.61v90-.01Z"/><path fill="#F2F4F9" d="m107.27 239.762-40.63-40.63c-2.09.72-4.32 1.13-6.64 1.13-11.3 0-20.5-9.2-20.5-20.5s9.2-20.5 20.5-20.5 20.5 9.2 20.5 20.5c0 2.33-.41 4.56-1.13 6.65l31.63 31.63v-115.88c-6.8-3.3395-11.5-10.3195-11.5-18.3895 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5c0 8.07-4.7 15.05-11.5 18.3895v81.27l31.46-31.46c-.62-1.96-.96-4.04-.96-6.2 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5-9.2 20.5-20.5 20.5c-2.5 0-4.88-.47-7.09-1.29L129 208.892v30.88z"/></svg><div id="ha-launch-screen-info-box" class="ha-launch-screen-spacer-bottom"></div><div class="ohf-logo"><img src="/static/images/ohf-badge.svg" alt="Home Assistant is a project by the Open Home Foundation" height="46"></div></div><home-assistant></home-assistant><script>function _ls(d,e){var i=document.createElement("script");return e&&(i.crossOrigin="use-credentials"),i.src=d,document.head.appendChild(i)}"attachShadow"in Element.prototype||(_ls("/static/polyfills/webcomponents-bundle.js",!0),_ls("/static/polyfills/

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:443 · gw.zlyxy.me

2026-01-11 00:54

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 00:54:41 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · ffl.zlyxy.me

2026-01-11 00:53

HTTP/1.1 308 Permanent Redirect
Date: Sun, 11 Jan 2026 00:53:31 GMT
Content-Type: text/html
Content-Length: 136
Connection: close
Location: https://ffl.zlyxy.me/
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · core-crs308-01.zlyxy.me

2026-01-11 00:50

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 00:50:34 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:443 · core-crs308-01.zlyxy.me

2026-01-11 00:50

HTTP/1.1 401 Unauthorized
Date: Sun, 11 Jan 2026 00:50:34 GMT
Content-Type: text/html
Content-Length: 144
Connection: close
WWW-Authenticate: Basic realm="Authorization required"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 401 Authorization Required

<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
</body>
</html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 71.231.56.79:80 · photos.jonzobrist.com

2026-01-10 19:49

HTTP/1.1 308 Permanent Redirect
Date: Sat, 10 Jan 2026 19:49:29 GMT
Content-Type: text/html
Content-Length: 136
Connection: close
Location: https://photos.jonzobrist.com/
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
</body>
</html>

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:443 · photos.zlyxy.me

2026-01-10 19:49

HTTP/1.1 200 OK
Date: Sat, 10 Jan 2026 19:49:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 7254
Connection: close
Vary: Accept-Encoding
Cache-Control: no-store
ETag: "1c56-UIZaeWrnJQS24tVMRmLbqJTPTrA"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; preload


<!doctype html>
<html>
  <head>
    <!-- (used for SSR) -->
    <!-- metadata:tags -->

    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
    <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16.png" />
    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32.png" />
    <link rel="icon" type="image/png" sizes="48x48" href="/favicon-48.png" />
    <link rel="icon" type="image/png" sizes="96x96" href="/favicon-96.png" />
    <link rel="icon" type="image/png" sizes="144x144" href="/favicon-144.png" />
    <link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180.png" />
    <link rel="preload" as="font" type="font/ttf" href="/_app/immutable/assets/Overpass.DCP28BvT.ttf" crossorigin="anonymous" />
    <link rel="preload" as="font" type="font/ttf" href="/_app/immutable/assets/OverpassMono.XkUhFDDw.ttf" crossorigin="anonymous" />
    
		<link rel="modulepreload" href="/_app/immutable/entry/start.Cq9QwwyN.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DUoONaPK.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/B2Mg7qEH.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C377x6j1.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DIeogL5L.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/CZjWu8O6.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/BUApaBEI.js">
		<link rel="modulepreload" href="/_app/immutable/entry/app.3-aVc-Jm.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/BXl3LOEh.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C4izphBe.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/Bua559Wm.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C6sZujfO.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DsnmJJEf.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/a8fn8VBG.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/Dk0SfMKH.js">
		<link rel="modulepreload" href="/_app/env.js">
    <style>
      /* prevent FOUC */
      html {
        height: 100%;
        width: 100%;
      }

      body,
      html {
        margin: 0;
        padding: 0;
      }

      @keyframes delayedVisibility {
        to {
          visibility: visible;
        }
      }

      @keyframes loadspin {
        100% {
          transform: rotate(360deg);
        }
      }

      #stencil {
        --stencil-width: 150px;
        display: flex;
        width: var(--stencil-width);
        margin-left: auto;
        margin-right: auto;
        margin-top: calc(50vh - var(--stencil-width) / 2);
        margin-bottom: 100vh;
        place-items: center;
        justify-content: center;
        overflow: hidden;
        visibility: hidden;
        animation:
          0s linear 0.3s forwards delayedVisibility,
          loadspin 8s linear infinite;
      }

      .bg-immich-bg {
        background-color: white;
      }

      .dark .dark\:bg-immich-dark-bg {
        background-color: black;
      }
    </style>
    <script>
      /**
       * Prevent FOUC on page load.
       */
      const colorThemeKeyName = 'color-theme';

      let theme = localStorage.getItem(colorThemeKeyName);
      if (!theme) {
        theme = { value: 'light', system: true };
      } else if (theme === 'dark' || theme === 'light') {
        theme = { value: theme, system: false };
        localStorage.setItem(colorThemeKeyName, JSON.stringify(theme));
      } else {
        theme = JSON.parse(theme);
      }

      let themeValue = theme.value;
      if (theme.system) {
        if (window.matchMedia('(prefers-color-scheme: dark)').matches) {
          themeValue = 'dark';
        } else {
          themeValue = 'light';
        }
      }

      if (themeValue === 'light') {
        document.documentElement.classList.remove('dark');
      } else {
        document.documentElement.classList.add('dark');
      }
    </script>

    <link rel="stylesheet"

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:443 · photos.jonzobrist.com

2026-01-10 19:49

HTTP/1.1 200 OK
Date: Sat, 10 Jan 2026 19:49:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 7254
Connection: close
Vary: Accept-Encoding
Cache-Control: no-store
ETag: "1c56-UIZaeWrnJQS24tVMRmLbqJTPTrA"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; preload


<!doctype html>
<html>
  <head>
    <!-- (used for SSR) -->
    <!-- metadata:tags -->

    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
    <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16.png" />
    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32.png" />
    <link rel="icon" type="image/png" sizes="48x48" href="/favicon-48.png" />
    <link rel="icon" type="image/png" sizes="96x96" href="/favicon-96.png" />
    <link rel="icon" type="image/png" sizes="144x144" href="/favicon-144.png" />
    <link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180.png" />
    <link rel="preload" as="font" type="font/ttf" href="/_app/immutable/assets/Overpass.DCP28BvT.ttf" crossorigin="anonymous" />
    <link rel="preload" as="font" type="font/ttf" href="/_app/immutable/assets/OverpassMono.XkUhFDDw.ttf" crossorigin="anonymous" />
    
		<link rel="modulepreload" href="/_app/immutable/entry/start.Cq9QwwyN.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DUoONaPK.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/B2Mg7qEH.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C377x6j1.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DIeogL5L.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/CZjWu8O6.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/BUApaBEI.js">
		<link rel="modulepreload" href="/_app/immutable/entry/app.3-aVc-Jm.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/BXl3LOEh.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C4izphBe.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/Bua559Wm.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/C6sZujfO.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/DsnmJJEf.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/a8fn8VBG.js">
		<link rel="modulepreload" href="/_app/immutable/chunks/Dk0SfMKH.js">
		<link rel="modulepreload" href="/_app/env.js">
    <style>
      /* prevent FOUC */
      html {
        height: 100%;
        width: 100%;
      }

      body,
      html {
        margin: 0;
        padding: 0;
      }

      @keyframes delayedVisibility {
        to {
          visibility: visible;
        }
      }

      @keyframes loadspin {
        100% {
          transform: rotate(360deg);
        }
      }

      #stencil {
        --stencil-width: 150px;
        display: flex;
        width: var(--stencil-width);
        margin-left: auto;
        margin-right: auto;
        margin-top: calc(50vh - var(--stencil-width) / 2);
        margin-bottom: 100vh;
        place-items: center;
        justify-content: center;
        overflow: hidden;
        visibility: hidden;
        animation:
          0s linear 0.3s forwards delayedVisibility,
          loadspin 8s linear infinite;
      }

      .bg-immich-bg {
        background-color: white;
      }

      .dark .dark\:bg-immich-dark-bg {
        background-color: black;
      }
    </style>
    <script>
      /**
       * Prevent FOUC on page load.
       */
      const colorThemeKeyName = 'color-theme';

      let theme = localStorage.getItem(colorThemeKeyName);
      if (!theme) {
        theme = { value: 'light', system: true };
      } else if (theme === 'dark' || theme === 'light') {
        theme = { value: theme, system: false };
        localStorage.setItem(colorThemeKeyName, JSON.stringify(theme));
      } else {
        theme = JSON.parse(theme);
      }

      let themeValue = theme.value;
      if (theme.system) {
        if (window.matchMedia('(prefers-color-scheme: dark)').matches) {
          themeValue = 'dark';
        } else {
          themeValue = 'light';
        }
      }

      if (themeValue === 'light') {
        document.documentElement.classList.remove('dark');
      } else {
        document.documentElement.classList.add('dark');
      }
    </script>

    <link rel="stylesheet"

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:80 · dash.jonzobrist.com

2026-01-10 19:48

HTTP/1.1 200 OK
Date: Sat, 10 Jan 2026 19:48:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 13784
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 26 Dec 2025 02:23:22 GMT
ETag: W/"35d8-19b5877c1ca"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN

Page title: Dashy

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="referrer" content="no-referrer"><!--[if IE]><link rel="icon" type="image/png" sizes="64x64" href="//web-icons/favicon-64x64.png"><![endif]--><link rel="icon" type="image/png" sizes="32x32" href="web-icons/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="web-icons/favicon-16x16.png"><link rel="icon" type="image/png" href="/favicon.ico"><link rel="stylesheet" type="text/css" href="/loading-screen.css"><title>Dashy</title><link href="/css/chunk-0044633e.0e433876.css" rel="prefetch"><link href="/css/chunk-0367deae.0f98d711.css" rel="prefetch"><link href="/css/chunk-0387fd77.7aa83618.css" rel="prefetch"><link href="/css/chunk-03c5a0ba.fdf5ccee.css" rel="prefetch"><link href="/css/chunk-043d9c91.9438acdb.css" rel="prefetch"><link href="/css/chunk-04659cb4.f809b0eb.css" rel="prefetch"><link href="/css/chunk-0633ac20.857ad57c.css" rel="prefetch"><link href="/css/chunk-06ec1263.a96662f9.css" rel="prefetch"><link href="/css/chunk-070d32ac.3ca152a5.css" rel="prefetch"><link href="/css/chunk-08ca355a.0e2f8538.css" rel="prefetch"><link href="/css/chunk-0c51289a.d6684378.css" rel="prefetch"><link href="/css/chunk-0c7116ec.8d663b8e.css" rel="prefetch"><link href="/css/chunk-0ca0f1b0.3065a51a.css" rel="prefetch"><link href="/css/chunk-0f886a7e.2b7bc7a4.css" rel="prefetch"><link href="/css/chunk-11e20f6f.070a8cfa.css" rel="prefetch"><link href="/css/chunk-14192a80.31a5db2c.css" rel="prefetch"><link href="/css/chunk-15b37c0a.ebae7724.css" rel="prefetch"><link href="/css/chunk-16e26d5d.97cc876a.css" rel="prefetch"><link href="/css/chunk-180be55e.2679cb7e.css" rel="prefetch"><link href="/css/chunk-187213fc.851bbb61.css" rel="prefetch"><link href="/css/chunk-1b35c628.f7e5ac71.css" rel="prefetch"><link href="/css/chunk-1bb87b1d.8e13a431.css" rel="prefetch"><link href="/css/chunk-1e169674.98a4aa99.css" rel="prefetch"><link href="/css/chunk-20775648.d688965a.css" rel="prefetch"><link href="/css/chunk-21680640.f72d1c0d.css" rel="prefetch"><link href="/css/chunk-2642eaf9.103376cf.css" rel="prefetch"><link href="/css/chunk-26dbf0a4.3f521e8a.css" rel="prefetch"><link href="/css/chunk-284f6914.58ade778.css" rel="prefetch"><link href="/css/chunk-2925d418.2f4219ad.css" rel="prefetch"><link href="/css/chunk-29548417.1e586604.css" rel="prefetch"><link href="/css/chunk-2a60e938.44ce4820.css" rel="prefetch"><link href="/css/chunk-2ab49ff8.2ca1d591.css" rel="prefetch"><link href="/css/chunk-2f7cf238.8ae0649f.css" rel="prefetch"><link href="/css/chunk-308604ae.e4b32f8a.css" rel="prefetch"><link href="/css/chunk-3767f013.c9ab3ab3.css" rel="prefetch"><link href="/css/chunk-4073bae0.262be67e.css" rel="prefetch"><link href="/css/chunk-40accf01.a9976bd0.css" rel="prefetch"><link href="/css/chunk-445cc501.d9af4531.css" rel="prefetch"><link href="/css/chunk-44cb61f1.025edb8a.css" rel="prefetch"><link href="/css/chunk-460e6092.0bcf49d9.css" rel="prefetch"><link href="/css/chunk-468d3a74.e7e4907a.css" rel="prefetch"><link href="/css/chunk-49f2d909.26592934.css" rel="prefetch"><link href="/css/chunk-4a72a42d.3839d02e.css" rel="prefetch"><link href="/css/chunk-4ab61964.950bd772.css" rel="prefetch"><link href="/css/chunk-4c654f36.114d2435.css" rel="prefetch"><link href="/css/chunk-4ef6dcf5.f9dd4bd8.css" rel="prefetch"><link href="/css/chunk-4f2c58c5.e91567b0.css" rel="prefetch"><link href="/css/chunk-5119af0e.43516f17.css" rel="prefetch"><link href="/css/chunk-542a53f9.bd76c3a2.css" rel="prefetch"><link href="/css/chunk-665a1900.eeb31e13.css" rel="prefetch"><link href="/css/chunk-677c8830.df6a5b00.css" rel="prefetch"><link href="/css/chunk-67a10511.d45793cc.css" rel="prefetch"><link href="/css/chunk-6b5de1e1.9eb66c9f.css" rel="prefetch"><link href="/css/chunk-6bead033.15b8ed4e.css" rel="prefetch"><link href="/css/chunk-6cfb58d6.6349f856.css" rel="prefetch"><link href="/css/chunk-7132ce43.0e433876.css" rel="prefetch"><link href="/css/chunk-71962db1.80c5b92d.c

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:443 · ab.zlyxy.me

2026-01-10 19:47

HTTP/1.1 200 OK
Date: Sat, 10 Jan 2026 19:47:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4136
Connection: close
Vary: Accept-Encoding
Content-Security-Policy: frame-ancestors 'self'
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 23 Dec 2025 22:55:16 GMT
ETag: W/"1028-19b4d6c8420"
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; preload

Page title: Audiobookshelf

<!doctype html>
<html lang="en" data-n-head="%7B%22lang%22:%7B%221%22:%22en%22%7D%7D">
  <head>
    <meta data-n-head="1" charset="utf-8"><meta data-n-head="1" name="viewport" content="width=device-width,initial-scale=1"><meta data-n-head="1" data-hid="description" name="description" content=""><meta data-n-head="1" data-hid="robots" name="robots" content="noindex"><meta data-n-head="1" data-hid="charset" charset="utf-8"><meta data-n-head="1" data-hid="mobile-web-app-capable" name="mobile-web-app-capable" content="yes"><meta data-n-head="1" data-hid="apple-mobile-web-app-capable" name="apple-mobile-web-app-capable" content="yes"><meta data-n-head="1" data-hid="apple-mobile-web-app-status-bar-style" name="apple-mobile-web-app-status-bar-style" content="black"><meta data-n-head="1" data-hid="apple-mobile-web-app-title" name="apple-mobile-web-app-title" content="Audiobookshelf"><meta data-n-head="1" data-hid="theme-color" name="theme-color" content="#232323"><meta data-n-head="1" data-hid="og:type" name="og:type" property="og:type" content="website"><meta data-n-head="1" data-hid="og:title" name="og:title" property="og:title" content="Audiobookshelf"><meta data-n-head="1" data-hid="og:site_name" name="og:site_name" property="og:site_name" content="Audiobookshelf"><title>Audiobookshelf</title><link data-n-head="1" rel="icon" type="image/x-icon" href="/audiobookshelf/favicon.ico"><link data-n-head="1" rel="apple-touch-icon" href="/audiobookshelf/ios_icon.png"><link data-n-head="1" data-hid="shortcut-icon" rel="shortcut icon" href="/audiobookshelf/icon.svg"><link data-n-head="1" data-hid="apple-touch-icon" rel="apple-touch-icon" href="/audiobookshelf/icon192.png" sizes="any"><link data-n-head="1" rel="manifest" href="/audiobookshelf/_nuxt/manifest.2f7e41c6.json" data-hid="manifest"><base href="/audiobookshelf/"><link rel="preload" href="/audiobookshelf/_nuxt/3ef2023.js" as="script"><link rel="preload" href="/audiobookshelf/_nuxt/19fa580.js" as="script"><link rel="preload" href="/audiobookshelf/_nuxt/84edffa.js" as="script"><link rel="preload" href="/audiobookshelf/_nuxt/5ac40cc.js" as="script">
  </head>
  <body>
    <div id="__nuxt"><style>#nuxt-loading{background:#fff;visibility:hidden;opacity:0;position:absolute;left:0;right:0;top:0;bottom:0;display:flex;justify-content:center;align-items:center;flex-direction:column;animation:nuxtLoadingIn 10s ease;-webkit-animation:nuxtLoadingIn 10s ease;animation-fill-mode:forwards;overflow:hidden}@keyframes nuxtLoadingIn{0%{visibility:hidden;opacity:0}20%{visibility:visible;opacity:0}100%{visibility:visible;opacity:1}}@-webkit-keyframes nuxtLoadingIn{0%{visibility:hidden;opacity:0}20%{visibility:visible;opacity:0}100%{visibility:visible;opacity:1}}#nuxt-loading>div,#nuxt-loading>div:after{border-radius:50%;width:5rem;height:5rem}#nuxt-loading>div{font-size:10px;position:relative;text-indent:-9999em;border:.5rem solid #f5f5f5;border-left:.5rem solid #000;-webkit-transform:translateZ(0);-ms-transform:translateZ(0);transform:translateZ(0);-webkit-animation:nuxtLoading 1.1s infinite linear;animation:nuxtLoading 1.1s infinite linear}#nuxt-loading.error>div{border-left:.5rem solid #ff4500;animation-duration:5s}@-webkit-keyframes nuxtLoading{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(360deg);transform:rotate(360deg)}}@keyframes nuxtLoading{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(360deg);transform:rotate(360deg)}}</style> <script>window.addEventListener("error",(function(){var e=document.getElementById("nuxt-loading");e&&(e.className+=" error")}))</script> <div id="nuxt-loading" aria-live="polite" role="status"><div>Loading...</div></div> </div><script>window.__NUXT__={config:{version:"2.32.1",routerBasePath:"/audiobookshelf",_app:{basePath:"/audiobookshelf/",assetsPath:"/audiobookshelf/_nuxt/",cdnURL:null}}}</script>
  <script src="/audiobookshelf/_nuxt/3ef2023.js"></script><script src="/audiobookshelf/_nuxt/19fa580.js"></script><script src="/audiobookshelf/_nuxt/84edffa.js"></script><script src="/audiobookshelf/_nu

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:443 · geogaurd.zlyxy.me

2026-01-10 03:31

HTTP/1.1 502 Bad Gateway
Date: Sat, 10 Jan 2026 03:31:35 GMT
Content-Type: text/html
Content-Length: 122
Connection: close
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; preload

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
</body>
</html>

Found 2026-01-10 by HttpPlugin

Create report

Open service 71.231.56.79:443 · photos.zlyxy.me

2026-01-05 00:23

HTTP/1.1 308 Permanent Redirect
Date: Mon, 05 Jan 2026 00:23:51 GMT
Content-Type: text/html
Content-Length: 136
Connection: close
Location: https://photos.zlyxy.me/
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
</body>
</html>

Found 2026-01-05 by HttpPlugin

Create report

tdrr.zlyxy.me

Fingerprint:

d2f7a830fd3e9ec0b4bcad09664e933c8d707af7a0c5fd3986944a755d792fde

CN:

tdrr.zlyxy.me

Key:

ECDSA-384

Issuer:

Not before:

2025-10-06 14:46

Not after:

2026-01-04 14:46

qb.zlyxy.me

Fingerprint:

b6ff44e25c5773b92fbdddf7ce6166b0dd37212b7d28f9f8247373b2f8e352bc

CN:

qb.zlyxy.me

Key:

ECDSA-384

Issuer:

Not before:

2025-10-06 14:46

Not after:

2026-01-04 14:46

home.zlyxy.me

Fingerprint:

236c91fc8b0a854bab88888093c8174f1e782ac0fc9a2eda46734f1f6eef36f2

CN:

home.zlyxy.me

Key:

ECDSA-384

Issuer:

Not before:

2025-10-06 14:48

Not after:

2026-01-04 14:48

gw.zlyxy.me

Fingerprint:

9915be48ba761d76ad6b9ee4ebeeb08374a23edda616a5bea64328b5458bdfbf

CN:

Key:

ECDSA-384

Issuer:

Not before:

2026-01-05 00:06

Not after:

2026-01-11 16:06

core-crs308-01.zlyxy.mecrs.zlyxy.me

Fingerprint:

f69b0a0f52b58e2e7b56ee494c349a94165f68efa9c020d74568886a8a933663

CN:

core-crs308-01.zlyxy.me

Key:

ECDSA-384

Issuer:

Not before:

2025-10-06 14:47

Not after:

2026-01-04 14:47

photos.jonzobrist.comphotos.zlyxy.me

Fingerprint:

6401798e5cc792d895f21a90880287e7c557195ad8b140c1498b12649f029290

CN:

Key:

ECDSA-384

Issuer:

Not before:

2026-01-05 00:06

Not after:

2026-01-11 16:06

ab.zlyxy.me

Fingerprint:

c91001cced0de48933a283b3a724f73ba52cd76b8d484c685539eaea828596cd

CN:

Key:

ECDSA-384

Issuer:

Not before:

2026-01-05 00:06

Not after:

2026-01-11 16:06

geogaurd.zlyxy.me

Fingerprint:

e8ea3819b81cf11ddd4708a30dea12efeafbc7f8f294571c1f0a3ee234178969

CN:

Key:

ECDSA-384

Issuer:

YE2

Not before:

2026-01-10 02:31

Not after:

2026-01-16 18:31

Domain summary

js.zlyxy.me 1 gw.zlyxy.me 0 core-crs308-01.zlyxy.me 1 pve.zlyxy.me 0 omv.zlyxy.me 0 home.zlyxy.me 1 prr.zlyxy.me 0 ffl.zlyxy.me 0 qb.zlyxy.me 0 photos.jonzobrist.com 1 photos.zlyxy.me 1 dash.jonzobrist.com 0 ab.zlyxy.me 0 geogaurd.zlyxy.me 0 tdrr.zlyxy.me 1

15 recorded

Host 71.231.56.79

United States

SSH is potenitally vulnerable

Swagger API description is publicly available

tdrr.zlyxy.me

qb.zlyxy.me

home.zlyxy.me

gw.zlyxy.me

core-crs308-01.zlyxy.mecrs.zlyxy.me

photos.jonzobrist.comphotos.zlyxy.me

ab.zlyxy.me

geogaurd.zlyxy.me

Domain summary