Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | httpoxy |
Description | httpoxy is a vulnerability in PHP and CGI web applications that allows remote attackers to proxy |
Keywords | N/A |
WebSite | httpoxy.org |
Host IP | 54.192.58.36 |
Location | United States |
Site | Rank |
US$260,631
Last updated: 2023-05-09 12:42:31
httpoxy.org has Semrush global rank of 40,610,416. httpoxy.org has an estimated worth of US$ 260,631, based on its estimated Ads revenue. httpoxy.org receives approximately 30,073 unique visitors each day. Its web server is located in United States, with IP address 54.192.58.36. According to SiteAdvisor, httpoxy.org is safe to visit. |
Purchase/Sale Value | US$260,631 |
Daily Ads Revenue | US$241 |
Monthly Ads Revenue | US$7,218 |
Yearly Ads Revenue | US$86,610 |
Daily Unique Visitors | 2,005 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
httpoxy.org. | A | 299 | IP: 54.192.58.36 |
httpoxy.org. | A | 299 | IP: 54.192.58.111 |
httpoxy.org. | A | 299 | IP: 54.192.58.23 |
httpoxy.org. | A | 299 | IP: 54.192.58.83 |
httpoxy.org. | NS | 86400 | NS Record: ns-813.awsdns-37.net. |
httpoxy.org. | NS | 86400 | NS Record: ns-1526.awsdns-62.org. |
httpoxy.org. | NS | 86400 | NS Record: ns-2039.awsdns-62.co.uk. |
httpoxy.org. | NS | 86400 | NS Record: ns-285.awsdns-35.com. |
Recommended reading Summary What Is Affected Immediate Mitigation Prevention Interesting, but once you’ve mitigated How It Works Why It Happened History of httpoxy CVEs A CGI application vulnerability (in 2016) for PHP, Go, Python and others httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict: RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY HTTP_PROXY is a popular environment variable used to configure an outgoing proxy This leads to a remotely exploitable vulnerability. If you’re running PHP or CGI, you should block the Proxy header. Here’s how. httpoxy is a vulnerability for server-side web applications. If you’re not deploying code, you don’t need to worry. What can happen if my web application is vulnerable? If a vulnerable HTTP client makes an outgoing HTTP connection, while running in a server-side CGI application, an attacker |
HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Sun, 31 Oct 2021 21:16:18 GMT Content-Type: text/html Content-Length: 183 Connection: keep-alive Location: https://httpoxy.org/ X-Cache: Redirect from cloudfront Via: 1.1 77dc26119e8c7a5f9e0061e54df1d307.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MSP50-C2 X-Amz-Cf-Id: D8As1XklNwSxmtqjEDPYEQNcQujXQYE0bmMaKpjRdn2-gbgg9N07-w== HTTP/1.1 200 OK Content-Type: text/html Content-Length: 42884 Connection: keep-alive Last-Modified: Thu, 02 Nov 2017 12:28:42 GMT Server: AmazonS3 Date: Sun, 31 Oct 2021 21:16:19 GMT ETag: "8b58a6ac2aae18d8682c016a477e31e6" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 de1797055c1d91d471d1102de87954ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MSP50-C2 X-Amz-Cf-Id: PAoYPS76kOww4AkspNfWxpJOpBTFrNcl9omdZllczituPDoHNXP6Pg== |
Domain Name: HTTPOXY.ORG Registry Domain ID: D189299208-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-06-05T06:42:09Z Creation Date: 2016-07-05T04:34:31Z Registry Expiry Date: 2022-07-05T04:34:31Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Registrar Abuse Contact Phone: +1.6613102107 Domain Status: ok https://icann.org/epp#ok Registrant State/Province: Capital Region Registrant Country: IS Name Server: NS-1526.AWSDNS-62.ORG Name Server: NS-285.AWSDNS-35.COM Name Server: NS-813.AWSDNS-37.NET Name Server: NS-2039.AWSDNS-62.CO.UK DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/) >>> Last update of WHOIS database: 2021-09-19T07:06:20Z <<< |