LeakIX - Host app.airlod.com

Domain app.airlod.com

Netherlands

CLOUDFLARENET

Software information

cloudflare

tcp/443 tcp/80 tcp/8443

Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 188.114.97.3
Domain: app.airlod.com
Port: 443
URL: https://app.airlod.com/_profiler/empty/search/results

First seen 2022-08-15 16:20
Last seen 2023-03-08 17:20
Open for 205 days
- Fingerprint: 407cf4363b0e62fafca67e0740aeb19c40aeb19c40aeb19c40aeb19c40aeb19c
```
Symfony profiler enabled:
https://app.airlod.com/_profiler/empty/search/results
```
  Found on 2022-08-15 16:20
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 2a06:98c1:3120::3
Domain: app.airlod.com
Port: 80
URL: http://app.airlod.com/_profiler/empty/search/results

First seen 2022-08-15 16:20
Last seen 2023-03-08 17:20
Open for 205 days
- Fingerprint: 407cf4363b0e62fafca67e0775ab184575ab184575ab184575ab184575ab1845
```
Symfony profiler enabled:
http://app.airlod.com/_profiler/empty/search/results
```
  Found on 2022-08-15 16:20
Create report

Open service 2a06:98c1:3121::3:80 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 302 Found
Date: Mon, 18 Nov 2024 02:23:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0, must-revalidate, private
Link: <http://app.airlod.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Expires: Mon, 18 Nov 2024 02:23:51 GMT
Set-Cookie: PHPSESSID=op3nfsvtbuvcovndn5e4l357bv; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
Location: /login
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03sBN1XRvO%2F8CZKFa12TIUzIqDTjT3oO6d8Pv9JjHBdteGWyHxg5MK8uJAzKtgVmiJDrlpQZ%2BHUn%2BNmvKJ5GeCArI1rfH5BVVI0fp1xh99yBURGPibBmYjwNorCFZ6S%2F8%2BHozvZ%2Bx100VAH3yA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8e4480120d469718-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1363&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=209&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 2024-11-18 by HttpPlugin

Create report

Open service 188.114.97.3:443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 302 Found
Date: Mon, 18 Nov 2024 02:23:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0, must-revalidate, private
Link: <https://app.airlod.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Expires: Mon, 18 Nov 2024 02:23:51 GMT
Set-Cookie: PHPSESSID=qjk0o9qrbm0b6215pgdoft40qe; path=/; secure; httponly; samesite=lax
cf-cache-status: DYNAMIC
Location: /login
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDGsp9IeJA%2BnNxTgOvxuELSs3iV2CLKrphR0Bz88HaIV8vgtm28xVXGFqmnUgrW2JEnvsYNGorCswtZxHb9Q%2Bb1pUuBrpRgi8cVYmDIwy0cuXECe9efP8BrbG%2FBlQIK8Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8e448022ffafe7c8-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=261252&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3089&recv_bytes=560&delivery_rate=16657&cwnd=33&unsent_bytes=0&cid=c8950e27743021f0&ts=4195&x=0"

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 2024-11-18 by HttpPlugin

Create report

Open service 188.114.97.3:8443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 523 
Date: Mon, 18 Nov 2024 02:23:45 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdgxYJvN6KDIscFERH%2FSVBi8mdQ%2Bh%2F2r%2BjryfLo%2Fxo%2F4iGNxpNoJ6Wafz89V5imM%2BPX%2BrWb4%2F03Eh%2FbDlLtUdsC%2BURL%2Fb%2BomusvGwbEBmBjvnq3BLXgfBx6fXgJDJry67A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8e4480125a06dcba-FRA
alt-svc: h3=":8443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=887&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3089&recv_bytes=560&delivery_rate=5183770&cwnd=252&unsent_bytes=0&cid=6a01e5554abd6b79&ts=36&x=0"


error code: 523

Found 2024-11-18 by HttpPlugin

Create report

Open service 188.114.97.3:80 · app.airlod.com

2024-11-18 02:23
Found 2024-11-18 by HttpPlugin
Create report

Open service 2a06:98c1:3120::3:443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 302 Found
Date: Mon, 18 Nov 2024 02:23:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0, must-revalidate, private
Link: <https://app.airlod.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Expires: Mon, 18 Nov 2024 02:23:50 GMT
Set-Cookie: PHPSESSID=i13es9cm3209f2la4ujvqbmc6f; path=/; secure; httponly; samesite=lax
cf-cache-status: DYNAMIC
Location: /login
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6TPK2yk8FSJdqivq7orGZeZWDst8pWniTtPJBURmJN67iuojkP7nJdW74aZqvDdTE0yj7Uu6nkQ03UehaK%2FUpTQkcoEkt3c5l995LYtG8md%2B4VgEMdVizSAPjnhk0xMtLuEoEf5v9jfDshmYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8e4480126f1893c0-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1043&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3090&recv_bytes=557&delivery_rate=3800751&cwnd=252&unsent_bytes=0&cid=5d90b22d61957d72&ts=5225&x=0"

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 2024-11-18 by HttpPlugin

Create report

Open service 2a06:98c1:3121::3:8443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 523 
Date: Mon, 18 Nov 2024 02:23:45 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpS1sPHcPZFKhbVPUnomngvneNqMTw6UZY4OwUQoEpIK10BU2egQ%2FZMwdWvOjrqOG1ebgwd3Vid3xyRWLo8EfuC%2BcE8PU9IsPjOVJVQQ82Pi6QFEttkeezCIENHSUsfECL00Zah2pDE1vEjn8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8e44801579f31e0c-FRA
alt-svc: h3=":8443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=999&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3090&recv_bytes=557&delivery_rate=3710091&cwnd=252&unsent_bytes=0&cid=489f12147cd9183e&ts=25&x=0"


error code: 523

Found 2024-11-18 by HttpPlugin

Create report

Open service 2a06:98c1:3121::3:443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 302 Found
Date: Mon, 18 Nov 2024 02:23:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0, must-revalidate, private
Link: <https://app.airlod.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Expires: Mon, 18 Nov 2024 02:23:51 GMT
Set-Cookie: PHPSESSID=str0vitm5n2cvfv83quet3kink; path=/; secure; httponly; samesite=lax
cf-cache-status: DYNAMIC
Location: /login
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTGDcdMkPV6cSI6tXeGMzX2iMRVgT%2BCAjYamg%2FebXNhfVehtK4OxiF06kgr9oVDDL6ZBMQxqpfOkK0GlLUqEsefpzrJUNwzzNCrQt22bl0kGxjiVmmT%2BL4mClr%2FO0Zc2cKlU3584%2BSpqDK0RzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8e44801ace03199e-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=860&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3090&recv_bytes=557&delivery_rate=4590238&cwnd=252&unsent_bytes=0&cid=7419cc61fcb62bef&ts=4856&x=0"

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 2024-11-18 by HttpPlugin

Create report

Open service 2a06:98c1:3120::3:8443 · app.airlod.com

2024-11-18 02:23

HTTP/1.1 523 
Date: Mon, 18 Nov 2024 02:23:45 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MpyOg1%2FKaJkS9hAD9BeMNE6ksjWgLEZjld%2BMKCSQIPANvBURqZqyQFqHOWo%2FoTNkkqzQMx%2BDChZjIcD10jOmgcpvtZpu29vsCGF3rD%2FffZa9gOnu66f3H0Ir4C6fT0qszk9aG5qb9jS78VGfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8e448012fec1d286-FRA
alt-svc: h3=":8443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1147&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3090&recv_bytes=557&delivery_rate=3049773&cwnd=252&unsent_bytes=0&cid=a3f895fcc7233c6a&ts=15&x=0"


error code: 523

Found 2024-11-18 by HttpPlugin

Create report

airlod.com*.airlod.com

Fingerprint:

4c7ade7eb535e6c73997b6aee13b02c634b233caf5e43b1c177bac73da3d1edd

CN:

airlod.com

Key:

ECDSA-256

Issuer:

WE1

Not before:

2024-10-04 15:42

Not after:

2025-01-02 15:42

Domain summary

app.airlod.com 9

1 recorded

IP summary

2a06:98c1:3121::3 1 188.114.97.3 1 2a06:98c1:3120::3 1

3 recorded

Domain app.airlod.com

Netherlands

Software information

Symfony developement panel enabled

Symfony developement panel enabled

airlod.com*.airlod.com

Domain summary

IP summary