Domain api.hemlock.geshdo.dev
United States
-
A JSON configuration file has been found
A JSON configuration file has been found at
config.json.It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
First seen 2022-06-30 20:59
Last seen 2024-11-14 04:27
Open for 867 days-
Fingerprint: b18befd9dd6536820481ee3a0481ee3a0481ee3a0481ee3a0481ee3a0481ee3a
{"message":"Nice, you managed to send a GET request with a slug","slug":"config.json"}Found on 2024-11-14 04:27
-
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-11-02 13:16
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: b75c6c73b12706ae7a16f5c887802b88 Date: Sat, 02 Nov 2024 13:16:27 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-11-02 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-11-01 05:11
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 8173d379c3f7c4630d77b75c37e8f81f Date: Fri, 01 Nov 2024 05:11:54 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-11-01 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-30 04:46
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 12b962b3332d02623014cc578708fe86 Date: Wed, 30 Oct 2024 04:46:08 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-30 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-20 16:20
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 2bf2f564877dfc57fc356f6d5c065da7 Date: Sun, 20 Oct 2024 16:20:06 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-20 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-18 16:14
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 9b36cdb50c143a495afffab31de289a1 Date: Fri, 18 Oct 2024 16:15:02 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-18 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-16 15:17
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 0085dba33a537d8d1a1fc63030ad531a Date: Wed, 16 Oct 2024 15:18:05 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-16 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-14 11:42
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 34aafe7c0b3b16da36cf284edefbd70b Date: Mon, 14 Oct 2024 11:42:13 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-14 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-10-02 15:28
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 4b358c5d82f7685fedfbff66ebec0ae3 Date: Wed, 02 Oct 2024 15:28:41 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-10-02 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-09-30 19:34
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: bdd4817807f1a2732bc3663ebaac8bf3 Date: Mon, 30 Sep 2024 19:34:23 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-09-30 by HttpPluginCreate report
-
Open service 142.250.185.115:443 · api.hemlock.geshdo.dev
2024-09-28 20:23
HTTP/1.1 200 OK content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'sha256-g6TK8Crx7YtGVUN10j0q8wD3cvwyzlvBMzQx4UjBPg4=';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' https://login.microsoftonline.com/geshdo.onmicrosoft.com/oauth2/v2.0/token cross-origin-opener-policy: unsafe-none x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"35-nfvlLOMEujtoNdh6+BqjJBOnTG4" vary: Accept-Encoding X-Cloud-Trace-Context: 9aa335af40a9f1730d446e55585f5629 Date: Sat, 28 Sep 2024 20:23:34 GMT Server: Google Frontend Content-Length: 53 Connection: close {"message":"Nice, you managed to send a GET request"}Found 2024-09-28 by HttpPluginCreate report