nginx
tcp/443 tcp/80
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaa9ac17cc792e48054f11a6a87555e3bdf555e3bdf
NoAuth Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.AuditEventTopic Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa1453e37901318789ca0fb8aaa084b62da084b62d
NoAuth Found topic ua.lirugo.kraft_2_commons.AuditEventTopic Found topic __consumer_offsets Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic
Fingerprint: 43224224eeda9da960defeaa28afcc2d3dc5fc3c44181dacbb49bf7dbb49bf7d
NoAuth Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.AuditEventTopic Found topic __consumer_offsets Found topic ua.lirugo.kraft_2_commons.NotificationTopic
Fingerprint: 43224224eeda9da960defeaa0efe442a10b30147eeba60d4ad7a0c07ad7a0c07
NoAuth Found topic __consumer_offsets Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.AuditEventTopic
Fingerprint: 43224224eeda9da960defeaa0efe442a7a1e65add8fa81de4ea473854ea47385
NoAuth Found topic __consumer_offsets Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic ua.lirugo.kraft_2_commons.AuditEventTopic
Fingerprint: 43224224eeda9da960defeaa28afcc2d7d24a15e9244d20513424f3513424f35
NoAuth Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic ua.lirugo.kraft_2_commons.AuditEventTopic Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0efe442a7a1e65add8fa81ded8fa81ded8fa81de
NoAuth Found topic __consumer_offsets Found topic ua.lirugo.kraft_2_commons.NotificationWithAttachmentsTopic Found topic ua.lirugo.kraft_2_commons.NotificationTopic
Fingerprint: 43224224eeda9da960defeaa9ac17cc7b6e25a1fb6e25a1fb6e25a1fb6e25a1f
NoAuth Found topic ua.lirugo.kraft_2_commons.NotificationTopic Found topic __consumer_offsets
The docker registry is public and could contain private production images.
This could result in both credentials and source code leak.
Fingerprint: be48c9b1d75b7b1090c0cb5c8efbf60dca55f5bdfd67df8560fac8a7f4955ff6
Found 5 image(s) in docker registry: kraft-2/kraft_2_authorization_service : 1 tags kraft-2/kraft_2_backend : 1 tags kraft-2/kraft_2_crm : 1 tags kraft-2/kraft_2_frontend : 1 tags kraft-2/kraft_2_notification_service : 1 tags
Fingerprint: be48c9b1d75b7b1090c0cb5ca9db9fd15a6c5ecbe6a0058be68ead1759be6c6d
Found 5 image(s) in docker registry: HTTP/1.1 200 OK Cache-Control: no-cache Date: Mon, 08 May 2023 07:36:55 GMT Content-Length: 0 Connection: close kraft-2/kraft_2_authorization_service : 1 tags kraft-2/kraft_2_backend : 1 tags kraft-2/kraft_2_crm : 1 tags kraft-2/kraft_2_frontend : 1 tags kraft-2/kraft_2_notification_service : 1 tags
Open service 88.198.193.193:5000
2024-05-08 13:00
HTTP/1.1 200 OK Cache-Control: no-cache Date: Wed, 08 May 2024 13:00:21 GMT Content-Length: 0 Connection: close
Open service 88.198.193.193:5000
2024-04-30 19:49
HTTP/1.1 200 OK Cache-Control: no-cache Date: Tue, 30 Apr 2024 19:49:27 GMT Content-Length: 0 Connection: close
Open service 88.198.193.193:5000
2024-04-28 18:23
HTTP/1.1 200 OK Cache-Control: no-cache Date: Sun, 28 Apr 2024 18:23:16 GMT Content-Length: 0 Connection: close
Open service 88.198.193.193:443
2024-04-25 12:36
HTTP/1.1 200 OK Server: nginx Date: Thu, 25 Apr 2024 12:36:07 GMT Content-Type: text/html; charset=utf-8 Content-Length: 998 Connection: close X-Powered-By: Express Accept-Ranges: bytes ETag: W/"3e6-qd1qNKZGKWydfl/zccY/q7sG0ig" Vary: Accept-Encoding Page title: Onliner 2.0 KRAFT <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <link rel="icon" href="o_2_icon.jpg" type="image/x-icon"> <link href="https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp" /> <title>Onliner 2.0 KRAFT</title> <script src="__ENV.js"></script> <script src="https://www.google.com/recaptcha/api.js?&render=6Lfj5J4pAAAAAKaS_YQJ_7w8l5DoiYqeEwrpd1JX" async defer></script> <script defer src="/js/chunk-vendors.js"></script><script defer src="/js/app.js"></script></head> <body> <div id="app"></div> <!-- built files will be auto injected --> </body> </html>
Open service 88.198.193.193:5000
2024-04-24 02:59
HTTP/1.1 200 OK Cache-Control: no-cache Date: Wed, 24 Apr 2024 02:59:12 GMT Content-Length: 0 Connection: close
Open service 88.198.193.193:22
2024-04-23 23:27
Open service 88.198.193.193:80
2024-04-23 17:05
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Apr 2024 17:05:45 GMT Content-Type: text/html; charset=utf-8 Content-Length: 998 Connection: close X-Powered-By: Express Accept-Ranges: bytes ETag: W/"3e6-qd1qNKZGKWydfl/zccY/q7sG0ig" Vary: Accept-Encoding Page title: Onliner 2.0 KRAFT <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <link rel="icon" href="o_2_icon.jpg" type="image/x-icon"> <link href="https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp" /> <title>Onliner 2.0 KRAFT</title> <script src="__ENV.js"></script> <script src="https://www.google.com/recaptcha/api.js?&render=6Lfj5J4pAAAAAKaS_YQJ_7w8l5DoiYqeEwrpd1JX" async defer></script> <script defer src="/js/chunk-vendors.js"></script><script defer src="/js/app.js"></script></head> <body> <div id="app"></div> <!-- built files will be auto injected --> </body> </html>
Open service 88.198.193.193:5000
2024-04-18 19:05
HTTP/1.1 200 OK Cache-Control: no-cache Date: Thu, 18 Apr 2024 19:05:48 GMT Content-Length: 0 Connection: close