Domain app.cestovniprikaz.cz
Germany
Software information
Apache 2.4.38
tcp/443 tcp/80
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 5.189.147.42
Domain: www.app.cestovniprikaz.cz
Port: 443
URL: https://www.app.cestovniprikaz.cz/_profiler/empty/search/resultsFirst seen 2022-09-20 14:02
Last seen 2023-03-19 21:44
Open for 180 days-
Fingerprint: 407cf4363b0e62fafca67e07cc00cd32cc00cd32cc00cd32cc00cd32cc00cd32
Symfony profiler enabled: https://www.app.cestovniprikaz.cz/_profiler/empty/search/results
Found on 2022-09-20 14:02
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 5.189.147.42
Domain: app.cestovniprikaz.cz
Port: 443
URL: https://app.cestovniprikaz.cz/_profiler/empty/search/resultsFirst seen 2022-09-20 14:02
Last seen 2023-03-19 21:44
Open for 180 days-
Fingerprint: 407cf4363b0e62fafca67e072b47d61f2b47d61f2b47d61f2b47d61f2b47d61f
Symfony profiler enabled: https://app.cestovniprikaz.cz/_profiler/empty/search/results
Found on 2022-09-20 14:02
-
Open service 5.189.147.42:443 · www.app.cestovniprikaz.cz
2024-09-12 07:58
HTTP/1.1 200 OK Date: Thu, 12 Sep 2024 07:58:40 GMT Server: Apache/2.4.38 (Debian) Set-Cookie: PHPSESSID=3b0681rsnino7o9ei4j0rnqm54; path=/; secure; HttpOnly; SameSite=lax Cache-Control: max-age=0, must-revalidate, private Expires: Thu, 12 Sep 2024 07:58:40 GMT Vary: Accept-Encoding Content-Length: 5509 Connection: close Content-Type: text/html; charset=UTF-8 Page title: Přihlášení do systému <!DOCTYPE html> <html lang="cs"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Přihlášení do systému</title> <link href="https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap" rel="stylesheet"> <link rel="stylesheet" href="/assets/css/bootstrap.css"> <link rel="stylesheet" href="/assets/vendors/bootstrap-icons/bootstrap-icons.css"> <link rel="stylesheet" href="/assets/css/app.css"> <link rel="stylesheet" href="/assets/css/pages/auth.css"> <script src="/js/jquery-3.6.0.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js" integrity="sha384-cVKIPhGWiC2Al4u+LWgxfKTRIcfu0JTxR+EQDz/bgldoEyl4H0zUF0QKbrJ0EcQF" crossorigin="anonymous"></script> <script> $(window).on('load', function() { // console.log(document.cookie); if (!document.cookie.includes('agreeGDPR=1')) { $('#modalGDPR').modal('show'); // console.log('nebyl vysloven souhlas'); } else { // console.log('Byl vysloven souhlas'); } }); function agree() { // console.log('Souhlasím'); let date = new Date(); let agreement = "agreeGDPR=1; expires=" date = new Date(date.valueOf()+1000*60*60*24*365); document.cookie = agreement.concat(date.toUTCString()); alert('Děkujeme'); } function disagree() { // console.log('Nesouhlasím'); alert('Musí být vysloven souhlas!'); } </script> </head> <body> <div id="auth"> <div class="row h-100"> <div class="col-xl-6 col-md-12 col-12 h-100"> <div id="auth-left"> <div class="auth-logo"> <a href="/"><img src="/assets/images/logo/logo.png" alt="Logo"></a> </div> <h1 class="auth-title">Přihlášení</h1> <p class="auth-subtitle mb-5">Zde se můžete přihlásit údaji zadanými při registraci.</p> <form method="post"> <div class="form-group position-relative has-icon-left mb-4"> <input type="email" value="" name="email" id="inputEmail" class="form-control form-control-xl" placeholder="Email" required autofocus> <div class="form-control-icon"> <i class="bi bi-person"></i> </div> </div> <div class="form-group position-relative has-icon-left mb-4"> <input type="password" id="inputPassword" name="password" class="form-control form-control-xl" placeholder="Heslo" required> <div class="form-control-icon"> <i class="bi bi-shield-lock"></i> </div> </div> <div class="form-check form-check-lg d-flex align-items-end"> <input class="form-check-input me-2" type="checkbox" value="" id="flexCheckDefault"> <label class="form-check-label text-gray-600" for="flexCheckDefault"> Uložit přihlášení </label> </div> <input type="hidden" name="_csrf_token" value="p05janlmKSGJm6jIYVOd5QE_xFHvb2tR0AlIc2Srq-c" > <button class="btn btn-primary btn-block btn-lg shadow-lg mt-5">Přihlásit se</button> </form> <div class="text-center mt-5 text-lg fs-4"> <p class="text-gray-600">Nemáte ještě účet? <a href="/registrace" class="font-bold"> Zaregistrujte se </a>.</p> <pFound 2024-09-12 by HttpPluginCreate report
-
Open service 5.189.147.42:443 · app.cestovniprikaz.cz
2024-09-12 07:58
HTTP/1.1 200 OK Date: Thu, 12 Sep 2024 07:58:41 GMT Server: Apache/2.4.38 (Debian) Set-Cookie: PHPSESSID=2amesa23vl8l5f6gnd3t85q2co; path=/; secure; HttpOnly; SameSite=lax Cache-Control: max-age=0, must-revalidate, private Expires: Thu, 12 Sep 2024 07:58:41 GMT Vary: Accept-Encoding Content-Length: 5509 Connection: close Content-Type: text/html; charset=UTF-8 Page title: Přihlášení do systému <!DOCTYPE html> <html lang="cs"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Přihlášení do systému</title> <link href="https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap" rel="stylesheet"> <link rel="stylesheet" href="/assets/css/bootstrap.css"> <link rel="stylesheet" href="/assets/vendors/bootstrap-icons/bootstrap-icons.css"> <link rel="stylesheet" href="/assets/css/app.css"> <link rel="stylesheet" href="/assets/css/pages/auth.css"> <script src="/js/jquery-3.6.0.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js" integrity="sha384-cVKIPhGWiC2Al4u+LWgxfKTRIcfu0JTxR+EQDz/bgldoEyl4H0zUF0QKbrJ0EcQF" crossorigin="anonymous"></script> <script> $(window).on('load', function() { // console.log(document.cookie); if (!document.cookie.includes('agreeGDPR=1')) { $('#modalGDPR').modal('show'); // console.log('nebyl vysloven souhlas'); } else { // console.log('Byl vysloven souhlas'); } }); function agree() { // console.log('Souhlasím'); let date = new Date(); let agreement = "agreeGDPR=1; expires=" date = new Date(date.valueOf()+1000*60*60*24*365); document.cookie = agreement.concat(date.toUTCString()); alert('Děkujeme'); } function disagree() { // console.log('Nesouhlasím'); alert('Musí být vysloven souhlas!'); } </script> </head> <body> <div id="auth"> <div class="row h-100"> <div class="col-xl-6 col-md-12 col-12 h-100"> <div id="auth-left"> <div class="auth-logo"> <a href="/"><img src="/assets/images/logo/logo.png" alt="Logo"></a> </div> <h1 class="auth-title">Přihlášení</h1> <p class="auth-subtitle mb-5">Zde se můžete přihlásit údaji zadanými při registraci.</p> <form method="post"> <div class="form-group position-relative has-icon-left mb-4"> <input type="email" value="" name="email" id="inputEmail" class="form-control form-control-xl" placeholder="Email" required autofocus> <div class="form-control-icon"> <i class="bi bi-person"></i> </div> </div> <div class="form-group position-relative has-icon-left mb-4"> <input type="password" id="inputPassword" name="password" class="form-control form-control-xl" placeholder="Heslo" required> <div class="form-control-icon"> <i class="bi bi-shield-lock"></i> </div> </div> <div class="form-check form-check-lg d-flex align-items-end"> <input class="form-check-input me-2" type="checkbox" value="" id="flexCheckDefault"> <label class="form-check-label text-gray-600" for="flexCheckDefault"> Uložit přihlášení </label> </div> <input type="hidden" name="_csrf_token" value="WM8FIlPkS7_WVrymfF7uRsfRMrcFGn_tET748lGYo8g" > <button class="btn btn-primary btn-block btn-lg shadow-lg mt-5">Přihlásit se</button> </form> <div class="text-center mt-5 text-lg fs-4"> <p class="text-gray-600">Nemáte ještě účet? <a href="/registrace" class="font-bold"> Zaregistrujte se </a>.</p> <pFound 2024-09-12 by HttpPluginCreate report
-
Open service 5.189.147.42:80 · app.cestovniprikaz.cz
2024-09-12 07:58
HTTP/1.1 301 Moved Permanently Date: Thu, 12 Sep 2024 07:58:38 GMT Server: Apache/2.4.38 (Debian) Location: https://app.cestovniprikaz.cz/ Content-Length: 325 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 301 Moved Permanently <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://app.cestovniprikaz.cz/">here</a>.</p> <hr> <address>Apache/2.4.38 (Debian) Server at app.cestovniprikaz.cz Port 80</address> </body></html>
Found 2024-09-12 by HttpPluginCreate report
-
Open service 5.189.147.42:80 · www.app.cestovniprikaz.cz
2024-09-12 07:58
HTTP/1.1 301 Moved Permanently Date: Thu, 12 Sep 2024 07:58:35 GMT Server: Apache/2.4.38 (Debian) Location: https://app.cestovniprikaz.cz/ Content-Length: 329 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 301 Moved Permanently <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://app.cestovniprikaz.cz/">here</a>.</p> <hr> <address>Apache/2.4.38 (Debian) Server at www.app.cestovniprikaz.cz Port 80</address> </body></html>
Found 2024-09-12 by HttpPluginCreate report