Domain app.nupecards.com
France
Software information
nginx
tcp/443 tcp/80
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-11-28 15:05
Last seen 2026-01-02 09:28
Open for 34 days-
Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b73f74c96a26b9ae12951ce53c6b608a95Found 128 files trough .DS_Store spidering: /.htaccess /app /app/controllers /app/controllers/Account.php /app/controllers/AccountDelete.php /app/controllers/AccountLogs.php /app/controllers/AccountPayments.php /app/controllers/AccountPlan.php /app/controllers/ActivateUser.php /app/controllers/admin /app/controllers/admin-api /app/controllers/api /app/controllers/Cron.php /app/controllers/Dashboard.php /app/controllers/Domains.php /app/controllers/Index.php /app/controllers/Invoice.php /app/controllers/l /app/controllers/Link.php /app/controllers/LinkAjax.php /app/controllers/Links.php /app/controllers/Login.php /app/controllers/Logout.php /app/controllers/LostPassword.php /app/controllers/NotFound.php /app/controllers/Page.php /app/controllers/Pages.php /app/controllers/Pay.php /app/controllers/PayThankYou.php /app/controllers/Plan.php /app/controllers/Projects.php /app/controllers/Register.php /app/controllers/ResendActivation.php /app/controllers/ResetPassword.php /app/controllers/Sitemap.php /app/controllers/WebhookPaypal.php /app/controllers/WebhookStripe.php /app/core /app/helpers /app/helpers/payment-gateways /app/helpers/qr-codes /app/includes /app/init.php /app/languages /app/languages/admin /app/models /app/traits /config.php /index.php /install /plugins /plugins/affiliate /plugins/aix /plugins/email-signatures /plugins/image-optimizer /plugins/offload /plugins/offload/aws /plugins/offload/aws/GuzzleHttp /plugins/offload/aws/GuzzleHttp/Cookie /plugins/offload/aws/GuzzleHttp/Exception /plugins/offload/aws/GuzzleHttp/Handler /plugins/offload/aws/GuzzleHttp/Promise /plugins/offload/aws/GuzzleHttp/Psr7 /plugins/payment-blocks /plugins/payment-blocks/views /plugins/pro-blocks /plugins/pro-blocks/init.php /plugins/push-notifications /plugins/push-notifications/aws /plugins/pwa /plugins/teams /plugins/ultimate-blocks /plugins/ultimate-blocks/views /plugins/ultimate-blocks/views/l /plugins/ultimate-blocks/views/l/biolink_blocks /themes /themes/altum /themes/altum/assets /themes/altum/assets/css /themes/altum/assets/css/custom-bootstrap /themes/altum/assets/css/libraries /themes/altum/assets/images /themes/altum/assets/images/browsers /themes/altum/assets/images/countries /themes/altum/assets/images/email /themes/altum/assets/images/index /themes/altum/assets/images/os /themes/altum/assets/js /themes/altum/assets/js/functions.js /themes/altum/assets/js/libraries /themes/altum/assets/js/libraries/fontawesome-brands.min.js /themes/altum/assets/js/libraries/fontawesome-brands.modified.js /themes/altum/assets/js/main.js /themes/altum/assets/scss /themes/altum/assets/scss/admin-bootstrap-dark.scss /themes/altum/assets/scss/admin-bootstrap.scss /themes/altum/assets/scss/bootstrap /themes/altum/assets/scss/bootstrap/_alert.scss /themes/altum/assets/scss/bootstrap/_badge.scss /themes/altum/assets/scss/bootstrap/_breadcrumb.scss /themes/altum/assets/scss/bootstrap/_button-group.scss /themes/altum/assets/scss/bootstrap/_buttons.scss /themes/altum/assets/scss/bootstrap/_card.scss /themes/altum/assets/scss/bootstrap/_carousel.scss /themes/altum/assets/scss/bootstrap/_close.scss /themes/altum/assets/scss/bootstrap/_code.scss /themes/altum/assets/scss/bootstrap/_custom-forms.scss /themes/altum/assets/scss/bootstrap/_dropdown.scss /themes/altum/assets/scss/bootstrap/_forms.scss /themes/altum/assets/scss/bootstrap/_functions.scss /themes/altum/assets/scss/bootstrap/_grid.scss /themes/altum/assets/scss/bootstrap/_images.scss /themes/altum/assets/scss/bootstrap/_input-group.scss /themes/altum/assets/scss/bootstrap/_jumbotron.scss /themes/altum/assets/scss/bootstrap/_list-group.scss /themes/altum/assets/scss/bootstrap/_media.scss /themes/altum/assets/scss/bootstrap/_mixins.scss /themes/altum/assets/scss/bootstrap/_modal.scss /themes/altum/assets/scss/bootstrap/_nav.scss /themes/altum/assets/scss/bootstrap/_navbar.scss /themes/altum/assets/scss/bootstrap/_pagination.scss /themes/altum/assets/scss/bootstrap/_popover.scss /themes/altum/assets/scss/bootstrap/_print.scss /themes/altum/assets/scss/bootstrap/_progress.scss /themes/altum/assets/scss/bootstrap/_reboot.scss /themes/altum/assets/scss/bootstrap/_root.scss /themes/altum/assets/scss/bootstrap/_spinners.scss /themes/altum/assets/scss/bootstrap/_tables.scss
Found on 2026-01-02 09:28 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c3078a2ae3078a2aea1d5413f669d669f8e0ae525abec26e8Found 73 files trough .DS_Store spidering: /.htaccess /app /app/controllers /app/controllers/Account.php /app/controllers/AccountDelete.php /app/controllers/AccountLogs.php /app/controllers/AccountPayments.php /app/controllers/AccountPlan.php /app/controllers/ActivateUser.php /app/controllers/admin /app/controllers/admin-api /app/controllers/api /app/controllers/Cron.php /app/controllers/Dashboard.php /app/controllers/Domains.php /app/controllers/Index.php /app/controllers/Invoice.php /app/controllers/l /app/controllers/Link.php /app/controllers/LinkAjax.php /app/controllers/Links.php /app/controllers/Login.php /app/controllers/Logout.php /app/controllers/LostPassword.php /app/controllers/NotFound.php /app/controllers/Page.php /app/controllers/Pages.php /app/controllers/Pay.php /app/controllers/PayThankYou.php /app/controllers/Plan.php /app/controllers/Projects.php /app/controllers/Register.php /app/controllers/ResendActivation.php /app/controllers/ResetPassword.php /app/controllers/Sitemap.php /app/controllers/WebhookPaypal.php /app/controllers/WebhookStripe.php /app/core /app/helpers /app/helpers/payment-gateways /app/helpers/qr-codes /app/includes /app/init.php /app/languages /app/languages/admin /app/models /app/traits /config.php /index.php /install /plugins /plugins/affiliate /plugins/aix /plugins/email-signatures /plugins/image-optimizer /plugins/offload /plugins/offload/aws /plugins/offload/aws/GuzzleHttp /plugins/offload/aws/GuzzleHttp/Cookie /plugins/offload/aws/GuzzleHttp/Exception /plugins/offload/aws/GuzzleHttp/Handler /plugins/offload/aws/GuzzleHttp/Promise /plugins/offload/aws/GuzzleHttp/Psr7 /plugins/payment-blocks /plugins/pro-blocks /plugins/push-notifications /plugins/pwa /plugins/teams /plugins/ultimate-blocks /themes /update /uploads /vendor
Found on 2025-11-30 16:56 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c70ba7b5770ba7b5746a4c60ae2870132a7a818dcd1e3fd1aFound 54 files trough .DS_Store spidering: /.htaccess /app /app/controllers /app/controllers/Account.php /app/controllers/AccountDelete.php /app/controllers/AccountLogs.php /app/controllers/AccountPayments.php /app/controllers/AccountPlan.php /app/controllers/ActivateUser.php /app/controllers/admin /app/controllers/admin-api /app/controllers/api /app/controllers/Cron.php /app/controllers/Dashboard.php /app/controllers/Domains.php /app/controllers/Index.php /app/controllers/Invoice.php /app/controllers/l /app/controllers/Link.php /app/controllers/LinkAjax.php /app/controllers/Links.php /app/controllers/Login.php /app/controllers/Logout.php /app/controllers/LostPassword.php /app/controllers/NotFound.php /app/controllers/Page.php /app/controllers/Pages.php /app/controllers/Pay.php /app/controllers/PayThankYou.php /app/controllers/Plan.php /app/controllers/Projects.php /app/controllers/Register.php /app/controllers/ResendActivation.php /app/controllers/ResetPassword.php /app/controllers/Sitemap.php /app/controllers/WebhookPaypal.php /app/controllers/WebhookStripe.php /app/core /app/helpers /app/helpers/payment-gateways /app/helpers/qr-codes /app/includes /app/init.php /app/languages /app/models /app/traits /config.php /index.php /install /plugins /themes /update /uploads /vendor
Found on 2025-11-30 05:59
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-11-30 05:59
Last seen 2026-01-02 10:50
Open for 33 days-
Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b73f74c96a26b9ae12951ce53c6b608a95Found 128 files trough .DS_Store spidering: /.htaccess /app /app/controllers /app/controllers/Account.php /app/controllers/AccountDelete.php /app/controllers/AccountLogs.php /app/controllers/AccountPayments.php /app/controllers/AccountPlan.php /app/controllers/ActivateUser.php /app/controllers/admin /app/controllers/admin-api /app/controllers/api /app/controllers/Cron.php /app/controllers/Dashboard.php /app/controllers/Domains.php /app/controllers/Index.php /app/controllers/Invoice.php /app/controllers/l /app/controllers/Link.php /app/controllers/LinkAjax.php /app/controllers/Links.php /app/controllers/Login.php /app/controllers/Logout.php /app/controllers/LostPassword.php /app/controllers/NotFound.php /app/controllers/Page.php /app/controllers/Pages.php /app/controllers/Pay.php /app/controllers/PayThankYou.php /app/controllers/Plan.php /app/controllers/Projects.php /app/controllers/Register.php /app/controllers/ResendActivation.php /app/controllers/ResetPassword.php /app/controllers/Sitemap.php /app/controllers/WebhookPaypal.php /app/controllers/WebhookStripe.php /app/core /app/helpers /app/helpers/payment-gateways /app/helpers/qr-codes /app/includes /app/init.php /app/languages /app/languages/admin /app/models /app/traits /config.php /index.php /install /plugins /plugins/affiliate /plugins/aix /plugins/email-signatures /plugins/image-optimizer /plugins/offload /plugins/offload/aws /plugins/offload/aws/GuzzleHttp /plugins/offload/aws/GuzzleHttp/Cookie /plugins/offload/aws/GuzzleHttp/Exception /plugins/offload/aws/GuzzleHttp/Handler /plugins/offload/aws/GuzzleHttp/Promise /plugins/offload/aws/GuzzleHttp/Psr7 /plugins/payment-blocks /plugins/payment-blocks/views /plugins/pro-blocks /plugins/pro-blocks/init.php /plugins/push-notifications /plugins/push-notifications/aws /plugins/pwa /plugins/teams /plugins/ultimate-blocks /plugins/ultimate-blocks/views /plugins/ultimate-blocks/views/l /plugins/ultimate-blocks/views/l/biolink_blocks /themes /themes/altum /themes/altum/assets /themes/altum/assets/css /themes/altum/assets/css/custom-bootstrap /themes/altum/assets/css/libraries /themes/altum/assets/images /themes/altum/assets/images/browsers /themes/altum/assets/images/countries /themes/altum/assets/images/email /themes/altum/assets/images/index /themes/altum/assets/images/os /themes/altum/assets/js /themes/altum/assets/js/functions.js /themes/altum/assets/js/libraries /themes/altum/assets/js/libraries/fontawesome-brands.min.js /themes/altum/assets/js/libraries/fontawesome-brands.modified.js /themes/altum/assets/js/main.js /themes/altum/assets/scss /themes/altum/assets/scss/admin-bootstrap-dark.scss /themes/altum/assets/scss/admin-bootstrap.scss /themes/altum/assets/scss/bootstrap /themes/altum/assets/scss/bootstrap/_alert.scss /themes/altum/assets/scss/bootstrap/_badge.scss /themes/altum/assets/scss/bootstrap/_breadcrumb.scss /themes/altum/assets/scss/bootstrap/_button-group.scss /themes/altum/assets/scss/bootstrap/_buttons.scss /themes/altum/assets/scss/bootstrap/_card.scss /themes/altum/assets/scss/bootstrap/_carousel.scss /themes/altum/assets/scss/bootstrap/_close.scss /themes/altum/assets/scss/bootstrap/_code.scss /themes/altum/assets/scss/bootstrap/_custom-forms.scss /themes/altum/assets/scss/bootstrap/_dropdown.scss /themes/altum/assets/scss/bootstrap/_forms.scss /themes/altum/assets/scss/bootstrap/_functions.scss /themes/altum/assets/scss/bootstrap/_grid.scss /themes/altum/assets/scss/bootstrap/_images.scss /themes/altum/assets/scss/bootstrap/_input-group.scss /themes/altum/assets/scss/bootstrap/_jumbotron.scss /themes/altum/assets/scss/bootstrap/_list-group.scss /themes/altum/assets/scss/bootstrap/_media.scss /themes/altum/assets/scss/bootstrap/_mixins.scss /themes/altum/assets/scss/bootstrap/_modal.scss /themes/altum/assets/scss/bootstrap/_nav.scss /themes/altum/assets/scss/bootstrap/_navbar.scss /themes/altum/assets/scss/bootstrap/_pagination.scss /themes/altum/assets/scss/bootstrap/_popover.scss /themes/altum/assets/scss/bootstrap/_print.scss /themes/altum/assets/scss/bootstrap/_progress.scss /themes/altum/assets/scss/bootstrap/_reboot.scss /themes/altum/assets/scss/bootstrap/_root.scss /themes/altum/assets/scss/bootstrap/_spinners.scss /themes/altum/assets/scss/bootstrap/_tables.scss
Found on 2026-01-02 10:50 -
Severity: medium
Fingerprint: 5f32cf5d6962f09cddacc81addacc81a9671735b716fd7c3208acda1936e88baFound 68 files trough .DS_Store spidering: /.htaccess /app /app/controllers /app/controllers/Account.php /app/controllers/AccountDelete.php /app/controllers/AccountLogs.php /app/controllers/AccountPayments.php /app/controllers/AccountPlan.php /app/controllers/ActivateUser.php /app/controllers/admin /app/controllers/admin-api /app/controllers/api /app/controllers/Cron.php /app/controllers/Dashboard.php /app/controllers/Domains.php /app/controllers/Index.php /app/controllers/Invoice.php /app/controllers/l /app/controllers/Link.php /app/controllers/LinkAjax.php /app/controllers/Links.php /app/controllers/Login.php /app/controllers/Logout.php /app/controllers/LostPassword.php /app/controllers/NotFound.php /app/controllers/Page.php /app/controllers/Pages.php /app/controllers/Pay.php /app/controllers/PayThankYou.php /app/controllers/Plan.php /app/controllers/Projects.php /app/controllers/Register.php /app/controllers/ResendActivation.php /app/controllers/ResetPassword.php /app/controllers/Sitemap.php /app/controllers/WebhookPaypal.php /app/controllers/WebhookStripe.php /app/core /app/helpers /app/helpers/payment-gateways /app/helpers/qr-codes /app/includes /app/init.php /app/languages /app/languages/admin /app/models /app/traits /config.php /index.php /install /plugins /plugins/affiliate /plugins/aix /plugins/email-signatures /plugins/image-optimizer /plugins/offload /plugins/offload/aws /plugins/offload/aws/GuzzleHttp /plugins/payment-blocks /plugins/pro-blocks /plugins/push-notifications /plugins/pwa /plugins/teams /plugins/ultimate-blocks /themes /update /uploads /vendor
Found on 2025-11-30 05:59
-
-
Open service 217.154.10.21:443 · app.nupecards.com
2026-01-09 12:29
HTTP/1.1 302 Found Server: nginx Date: Fri, 09 Jan 2026 12:29:14 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=bf80ivt92295p3jd69k2jalbro; path=/; secure; SameSite=Lax Location: https://app.linkpod.co/not-found X-Powered-By: PleskLin
Found 3 days ago by HttpPluginCreate report
-
Open service 217.154.10.21:80 · app.nupecards.com
2026-01-09 09:54
HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 09 Jan 2026 09:54:46 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=b0qenrlh6e7h5tle21nqr5nm5c; path=/; secure; SameSite=Lax Location: https://app.nupecards.com/ X-Powered-By: PleskLin
Found 3 days ago by HttpPluginCreate report
-
Open service 217.154.10.21:80 · app.nupecards.com
2026-01-02 10:50
HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 02 Jan 2026 10:50:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=tsmva3vonm5jr9r0gd1i8i8qf3; path=/; secure; SameSite=Lax Location: https://app.nupecards.com/ X-Powered-By: PleskLin
Found 2026-01-02 by HttpPluginCreate report
-
Open service 217.154.10.21:443 · app.nupecards.com
2026-01-02 09:28
HTTP/1.1 302 Found Server: nginx Date: Fri, 02 Jan 2026 09:28:47 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=vmd3svhl438150sm65hvs1jtf3; path=/; secure; SameSite=Lax Location: https://app.linkpod.co/not-found X-Powered-By: PleskLin
Found 2026-01-02 by HttpPluginCreate report
-
Open service 217.154.10.21:443 · app.nupecards.com
2025-12-22 18:05
HTTP/1.1 302 Found Server: nginx Date: Mon, 22 Dec 2025 18:05:16 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=ibscqbairmbpqb2fn9f8tvtajf; path=/; secure; SameSite=Lax Location: https://app.linkpod.co/not-found X-Powered-By: PleskLin
Found 2025-12-22 by HttpPluginCreate report
-
Open service 217.154.10.21:80 · app.nupecards.com
2025-12-22 15:53
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 22 Dec 2025 15:53:13 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=mb0ls2nphfdl6plchkpr2vrq41; path=/; secure; SameSite=Lax Location: https://app.nupecards.com/ X-Powered-By: PleskLin
Found 2025-12-22 by HttpPluginCreate report
-
Open service 217.154.10.21:443 · app.nupecards.com
2025-12-20 20:31
HTTP/1.1 302 Found Server: nginx Date: Sat, 20 Dec 2025 20:31:52 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=joromouuff2kahe4l14lacs9d5; path=/; secure; SameSite=Lax Location: https://app.linkpod.co/not-found X-Powered-By: PleskLin
Found 2025-12-20 by HttpPluginCreate report
-
Open service 217.154.10.21:80 · app.nupecards.com
2025-12-20 15:23
HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 20 Dec 2025 15:23:11 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: frame-ancestors *; Strict-Transport-Security: max-age=31536000; preload Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Max-Age: 7200 Set-Cookie: PHPSESSID=m4ubtq5ih9ktsq778ahest7u1u; path=/; secure; SameSite=Lax Location: https://app.nupecards.com/ X-Powered-By: PleskLin
Found 2025-12-20 by HttpPluginCreate report