GeneralInformation

Hostnames	api.igliverec.com app.igliverec.com jfj4s4f3fj80jk1337.igliverec.com www.igliverec.com static.224.139.119.168.clients.your-server.de
Domains	igliverec.com your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

WebTechnologies

Database managers

Databases

JavaScript libraries

Programming languages

PHP

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-25727	In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.
CVE-2022-0813	5.0PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
CVE-2020-22452	SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.

OpenPorts

22 80 443

-1237684258 | 2024-05-09T15:45:56.333689

22 / tcp

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCrwKSYa9kJRKLN3vlqm2ola6Gt/zlcf/0D97pwUb/si+aN
bvdwFUJhqk3UMYMG+GCbV9bE0+vIa2qo9zemWkRdP32mlOjJw0R/FF32ZIBGnN/QbAA+yrRDWlw1
emg8feTh/OQ5JWzSCKDCK4htVjUkb+SuK+3zXhc+81eKydxt2aqs6/XarNvrcLR8lChtSGBAzaNZ
W5IBpM1V28AgG9lms+ZixofxYWsCcDY4VEdFTFpM2hD/0SMToFNAB3+wtYhyZTPC3SGyOhrLUcLS
UMtWFrw/054WP5W+OzG3TPCADfZjuLa/j2i1qBbPwRQBlRSLz6+ciYNEOVzgMsqOYlcd
Fingerprint: 1e:00:c3:fe:e2:98:32:96:e0:aa:4b:37:76:c2:c5:0f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1765360226 | 2024-05-12T18:09:01.119404

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Sun, 12 May 2024 18:08:38 GMT
Content-Type: text/html
Content-Length: 548
Connection: keep-alive
Vary: Accept-Encoding

-1345853514 | 2024-05-10T20:50:05.253526

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 20:50:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: goto_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
Set-Cookie: back_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
Set-Cookie: pma_lang_https=en; expires=Sun, 09-Jun-2024 20:50:05 GMT; Max-Age=2592000; path=/; secure; HttpOnly
Set-Cookie: phpMyAdmin_https=k4n9l36ff9jdug2i4kig4ajgv3; path=/; secure; HttpOnly
X-ob_mode: 1
X-Frame-Options: DENY
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
X-WebKit-CSP: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
Expires: Fri, 10 May 2024 20:50:05 +0000
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Last-Modified: Fri, 10 May 2024 20:50:05 +0000
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:b6:22:f6:90:2b:49:a4:7c:a4:1c:ba:78:e2:7a:9c:78:df
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 16 11:58:10 2024 GMT
            Not After : Jun 14 11:58:09 2024 GMT
        Subject: CN=app.igliverec.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:2c:96:3b:bd:18:18:bb:45:27:3b:5d:ef:9e:42:
                    36:c2:14:38:f9:b5:bd:48:4e:10:24:2d:ad:aa:8e:
                    33:e9:93:33:c3:0f:82:57:ec:5c:f8:55:17:22:f3:
                    a4:a8:b7:5d:6e:ac:8e:ea:b2:6b:e0:d8:be:b3:ec:
                    90:06:6a:c9:c5
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                81:DC:98:CC:FE:28:81:81:DA:B6:37:75:20:FA:8A:8C:3C:87:60:29
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.igliverec.com, DNS:app.igliverec.com, DNS:jfj4s4f3fj80jk1337.igliverec.com, DNS:www.igliverec.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 16 12:58:10.853 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:79:A8:DE:FF:D8:21:80:97:7A:1A:51:03:
                                22:A7:78:03:1F:56:3A:0C:E5:B8:EB:FD:CB:38:4F:BF:
                                DF:AE:E7:DE:02:20:7C:F3:13:52:15:E1:4F:23:A0:EC:
                                73:79:D1:6C:30:07:23:DF:A6:FB:40:08:80:11:74:19:
                                04:08:76:15:DE:81
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 16 12:58:10.892 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:06:83:88:D7:25:50:53:56:14:A9:B3:59:
                                FB:01:A9:E1:6E:EC:39:B7:AA:CD:35:9B:77:39:C6:7F:
                                6C:FC:A4:8F:02:20:30:5D:E2:2C:DE:8D:5D:9A:DD:8F:
                                0D:8F:D6:18:00:ED:12:D4:12:FF:F3:AC:5B:B0:9E:BD:
                                1F:21:33:D0:3F:0F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        45:4e:83:80:41:69:0c:5f:b3:ff:73:2e:85:79:7c:2c:2b:01:
        96:03:03:60:08:70:2a:d3:f2:ef:9d:6e:1a:2c:5e:5d:09:a8:
        28:c5:5e:b9:4a:a6:7b:fe:67:d2:cf:ee:f0:47:f9:60:1a:a5:
        7b:9a:b2:0e:fd:03:18:60:4f:52:9a:29:44:da:22:0f:ef:4a:
        e1:69:61:31:cc:4a:83:32:b0:87:19:01:ac:15:27:6c:b0:6a:
        8e:c3:f3:31:a2:36:e3:70:95:22:65:d6:4c:db:f6:be:c9:09:
        5a:a8:c5:8c:c1:2c:2d:42:d5:a4:13:24:5f:fd:28:9a:7e:00:
        a8:bb:03:aa:75:44:2f:51:83:bd:6c:f7:9c:34:3b:aa:ae:c1:
        96:b3:e8:1a:5f:2a:86:67:cd:c7:f7:10:7c:0a:6b:a9:8d:89:
        50:06:44:0f:a7:d1:6b:8d:a4:68:90:c3:1a:ed:a5:63:9d:fc:
        54:71:1f:c2:7a:5d:9f:54:14:56:21:c7:14:87:7b:f1:70:17:
        07:d1:b2:98:21:9b:26:63:c7:2f:b5:e3:f3:ca:3b:68:92:6a:
        81:01:a6:5f:41:a1:92:72:f0:b1:fc:a4:cf:22:21:3d:81:d0:
        22:09:f6:c6:a0:a2:0c:e3:2f:ed:2d:68:ae:a0:3b:c4:6d:3f:
        77:fc:d8:d9

168.119.139.224

Last Seen: 2024-05-12

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1237684258 | 2024-05-09T15:45:56.333689
22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

1765360226 | 2024-05-12T18:09:01.119404
80 / tcp

nginx

-1345853514 | 2024-05-10T20:50:05.253526
443 / tcp

nginx

Products

Pricing

Contact Us

168.119.139.224

Last Seen: 2024-05-12

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1237684258 | 2024-05-09T15:45:56.333689 22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

1765360226 | 2024-05-12T18:09:01.119404 80 / tcp

nginx

-1345853514 | 2024-05-10T20:50:05.253526 443 / tcp

nginx

Products

Pricing

Contact Us

-1237684258 | 2024-05-09T15:45:56.333689
22 / tcp

1765360226 | 2024-05-12T18:09:01.119404
80 / tcp

-1345853514 | 2024-05-10T20:50:05.253526
443 / tcp