Domain api.drdeal.fr
Germany
Software information
nginx
tcp/443 tcp/80
sw-cp-server
tcp/8443
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 87.106.116.92
Domain: www.api.drdeal.fr
Port: 443
URL: https://www.api.drdeal.fr/_profiler/empty/search/resultsFirst seen 2025-01-05 12:48
Last seen 2026-01-09 12:09
Open for 368 days-
Fingerprint: 407cf4363b0e62fafca67e07346fb1a2346fb1a2346fb1a2346fb1a2346fb1a2
Symfony profiler enabled: https://www.api.drdeal.fr/_profiler/empty/search/results
Found on 2026-01-09 12:09
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-11-06 12:49
Last seen 2026-01-02 14:18
Open for 422 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0ff409caf1c8ad90c3f8c58770f8c58770Found 3 files trough .DS_Store spidering: /assets /assets/tiptop_logo.png /index.php
Found on 2026-01-02 14:18
-
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 87.106.116.92
Domain: api.drdeal.fr
Port: 443
URL: https://api.drdeal.fr/_profiler/empty/search/resultsFirst seen 2024-11-06 12:49
Last seen 2026-01-09 13:14
Open for 429 days-
Fingerprint: 407cf4363b0e62fafca67e072f1cbb432f1cbb432f1cbb432f1cbb432f1cbb43
Symfony profiler enabled: https://api.drdeal.fr/_profiler/empty/search/results
Found on 2026-01-09 13:14
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-01-05 12:48
Last seen 2026-01-03 01:06
Open for 362 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0ff409caf1c8ad90c3f8c58770f8c58770Found 3 files trough .DS_Store spidering: /assets /assets/tiptop_logo.png /index.php
Found on 2026-01-03 01:06
-
-
Open service 87.106.116.92:443 · api.drdeal.fr
2026-01-09 13:14
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 09 Jan 2026 13:14:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.29 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 4f5998 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/4f5998 X-Robots-Tag: noindex
Found 3 days ago by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2026-01-09 12:09
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 09 Jan 2026 12:09:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.29 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 98918c X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/98918c X-Robots-Tag: noindex
Found 3 days ago by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2026-01-08 21:58
HTTP/1.1 404 Not Found Server: nginx Date: Thu, 08 Jan 2026 21:58:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.29 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 84ffbf X-Debug-Token-Link: https://api.drdeal.fr/_profiler/84ffbf X-Robots-Tag: noindex
Found 2026-01-08 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2026-01-08 20:39
HTTP/1.1 404 Not Found Server: nginx Date: Thu, 08 Jan 2026 20:39:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.29 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: abff49 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/abff49 X-Robots-Tag: noindex
Found 2026-01-08 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2026-01-03 01:06
HTTP/1.1 404 Not Found Server: nginx Date: Sat, 03 Jan 2026 01:06:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: c03fbd X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/c03fbd X-Robots-Tag: noindex
Found 2026-01-03 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2026-01-02 14:18
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 02 Jan 2026 14:18:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 2b8db8 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/2b8db8 X-Robots-Tag: noindex
Found 2026-01-02 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2026-01-02 14:18
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 02 Jan 2026 14:18:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: da8117 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/da8117 X-Robots-Tag: noindex
Found 2026-01-02 by HttpPluginCreate report
-
Open service 87.106.116.92:80 · api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 301 Moved Permanently Server: nginx Date: Wed, 31 Dec 2025 12:48:54 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://api.drdeal.fr/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:80 · www.api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 301 Moved Permanently Server: nginx Date: Wed, 31 Dec 2025 12:48:54 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://www.api.drdeal.fr/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 404 Not Found Server: nginx Date: Wed, 31 Dec 2025 12:48:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: eb64f3 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/eb64f3 X-Robots-Tag: noindex
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:8443 · www.api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 303 See Other Server: sw-cp-server Date: Wed, 31 Dec 2025 12:48:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Fri, 28 May 1999 00:00:00 GMT Last-Modified: Wed, 31 Dec 2025 12:48:54 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: https://www.api.drdeal.fr/login.php X-Content-Type-Options: nosniff
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 404 Not Found Server: nginx Date: Wed, 31 Dec 2025 12:48:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: af3a3c X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/af3a3c X-Robots-Tag: noindex
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:8443 · api.drdeal.fr
2025-12-31 12:48
HTTP/1.1 303 See Other Server: sw-cp-server Date: Wed, 31 Dec 2025 12:48:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Fri, 28 May 1999 00:00:00 GMT Last-Modified: Wed, 31 Dec 2025 12:48:54 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Location: https://api.drdeal.fr/login.php X-Content-Type-Options: nosniff
Found 2025-12-31 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-30 05:31
HTTP/1.1 404 Not Found Server: nginx Date: Tue, 30 Dec 2025 05:31:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: dbaaec X-Debug-Token-Link: https://api.drdeal.fr/_profiler/dbaaec X-Robots-Tag: noindex
Found 2025-12-30 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-30 05:15
HTTP/1.1 404 Not Found Server: nginx Date: Tue, 30 Dec 2025 05:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 9cdc02 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/9cdc02 X-Robots-Tag: noindex
Found 2025-12-30 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-23 07:48
HTTP/1.1 404 Not Found Server: nginx Date: Tue, 23 Dec 2025 07:48:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 66fc36 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/66fc36 X-Robots-Tag: noindex
Found 2025-12-23 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-23 07:24
HTTP/1.1 404 Not Found Server: nginx Date: Tue, 23 Dec 2025 07:24:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 98bc41 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/98bc41 X-Robots-Tag: noindex
Found 2025-12-23 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-23 05:03
HTTP/1.1 404 Not Found Server: nginx Date: Tue, 23 Dec 2025 05:03:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 0bba50 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/0bba50 X-Robots-Tag: noindex
Found 2025-12-23 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-22 21:44
HTTP/1.1 404 Not Found Server: nginx Date: Mon, 22 Dec 2025 21:44:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 9e6427 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/9e6427 X-Robots-Tag: noindex
Found 2025-12-22 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-21 05:49
HTTP/1.1 404 Not Found Server: nginx Date: Sun, 21 Dec 2025 05:49:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 10be46 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/10be46 X-Robots-Tag: noindex
Found 2025-12-21 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-21 02:46
HTTP/1.1 404 Not Found Server: nginx Date: Sun, 21 Dec 2025 02:46:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: cd936d X-Debug-Token-Link: https://api.drdeal.fr/_profiler/cd936d X-Robots-Tag: noindex
Found 2025-12-21 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-20 23:08
HTTP/1.1 404 Not Found Server: nginx Date: Sat, 20 Dec 2025 23:08:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 992a2a X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/992a2a X-Robots-Tag: noindex
Found 2025-12-20 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-20 20:08
HTTP/1.1 404 Not Found Server: nginx Date: Sat, 20 Dec 2025 20:08:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 081061 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/081061 X-Robots-Tag: noindex
Found 2025-12-20 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · api.drdeal.fr
2025-12-19 03:48
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 19 Dec 2025 03:48:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 97cc06 X-Debug-Token-Link: https://api.drdeal.fr/_profiler/97cc06 X-Robots-Tag: noindex
Found 2025-12-19 by HttpPluginCreate report
-
Open service 87.106.116.92:443 · www.api.drdeal.fr
2025-12-19 00:55
HTTP/1.1 404 Not Found Server: nginx Date: Fri, 19 Dec 2025 00:55:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.28 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 X-Debug-Token: 165f61 X-Debug-Token-Link: https://www.api.drdeal.fr/_profiler/165f61 X-Robots-Tag: noindex
Found 2025-12-19 by HttpPluginCreate report