Domain apptastic.sr
United States
Software information
Apache
tcp/443 tcp/80
nginx
tcp/443 tcp/80
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: elgawa.apptastic.sr
Port: 443
URL: https://elgawa.apptastic.sr/_profiler/empty/search/resultsFirst seen 2023-07-26 15:30
Last seen 2024-02-02 09:31
Open for 190 days-
Fingerprint: 407cf4363b0e62fafca67e07eb55f9b8eb55f9b8eb55f9b8eb55f9b8eb55f9b8
Symfony profiler enabled: https://elgawa.apptastic.sr/_profiler/empty/search/results
Found on 2024-02-02 09:31
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.japi.apptastic.sr
Port: 443
URL: https://www.japi.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2026-02-02 10:27
Open for 1218 days-
Fingerprint: 407cf4363b0e62fafca67e07534629c0534629c0534629c0534629c0534629c0
Symfony profiler enabled: https://www.japi.apptastic.sr/_profiler/empty/search/results
Found on 2026-02-02 10:27
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.allvision.apptastic.sr
Port: 80
URL: http://www.allvision.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2024-02-04 17:55
Open for 490 days-
Fingerprint: 407cf4363b0e62fafca67e0737ea82a437ea82a437ea82a437ea82a437ea82a4
Symfony profiler enabled: http://www.allvision.apptastic.sr/_profiler/empty/search/results
Found on 2024-02-04 17:55
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.elgawa.apptastic.sr
Port: 80
URL: http://www.elgawa.apptastic.sr/_profiler/empty/search/resultsFirst seen 2023-01-23 16:32-
Fingerprint: 407cf4363b0e62fafca67e079826acd69826acd69826acd69826acd69826acd6
Symfony profiler enabled: http://www.elgawa.apptastic.sr/_profiler/empty/search/results
Found on 2023-01-23 16:32
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.japi.apptastic.sr
Port: 80
URL: http://www.japi.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2026-02-09 04:35
Open for 1225 days-
Fingerprint: 407cf4363b0e62fafca67e07919bbb8b919bbb8b919bbb8b919bbb8b919bbb8b
Symfony profiler enabled: http://www.japi.apptastic.sr/_profiler/empty/search/results
Found on 2026-02-09 04:35
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: japi.apptastic.sr
Port: 443
URL: https://japi.apptastic.sr/_profiler/empty/search/resultsFirst seen 2025-02-05 16:37
Last seen 2026-01-31 16:36
Open for 359 days-
Fingerprint: 407cf4363b0e62fafca67e07b5875539b5875539b5875539b5875539b5875539
Symfony profiler enabled: https://japi.apptastic.sr/_profiler/empty/search/results
Found on 2026-01-31 16:36
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.allvision.apptastic.sr
Port: 443
URL: https://www.allvision.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2024-02-04 17:55
Open for 490 days-
Fingerprint: 407cf4363b0e62fafca67e073214f0c93214f0c93214f0c93214f0c93214f0c9
Symfony profiler enabled: https://www.allvision.apptastic.sr/_profiler/empty/search/results
Found on 2024-02-04 17:55
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: japi.apptastic.sr
Port: 80
URL: http://japi.apptastic.sr/_profiler/empty/search/resultsFirst seen 2025-02-05 16:37
Last seen 2026-02-08 22:53
Open for 368 days-
Fingerprint: 407cf4363b0e62fafca67e07ec9f8fa2ec9f8fa2ec9f8fa2ec9f8fa2ec9f8fa2
Symfony profiler enabled: http://japi.apptastic.sr/_profiler/empty/search/results
Found on 2026-02-08 22:53
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-01 16:29
Last seen 2026-01-31 16:36
Open for 61 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6ddbca34c84c95810fd7e0d267b52af5a60ca349aGraphQL introspection enabled at /api/graphql Types: 41 (by kind: ENUM: 2, INPUT_OBJECT: 6, INTERFACE: 1, OBJECT: 26, SCALAR: 6) Operations: - Query: Query | fields: content, contents, field, fields, node - Mutation: Mutation | fields: createContent, createField, createRelation, deleteContent, deleteField Directives: deprecated, include, skip (total: 3)
Found on 2026-01-31 16:3643.9 kBytes
-
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.fernandes-80.apptastic.sr
Port: 80
URL: http://www.fernandes-80.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2024-09-26 18:53
Open for 725 days-
Fingerprint: 407cf4363b0e62fafca67e07925ecbaa925ecbaa925ecbaa925ecbaa925ecbaa
Symfony profiler enabled: http://www.fernandes-80.apptastic.sr/_profiler/empty/search/results
Found on 2024-09-26 18:53
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.fernandes-80.apptastic.sr
Port: 443
URL: https://www.fernandes-80.apptastic.sr/_profiler/empty/search/resultsFirst seen 2022-10-02 15:52
Last seen 2024-09-26 15:31
Open for 724 days-
Fingerprint: 407cf4363b0e62fafca67e070a7c2fc90a7c2fc90a7c2fc90a7c2fc90a7c2fc9
Symfony profiler enabled: https://www.fernandes-80.apptastic.sr/_profiler/empty/search/results
Found on 2024-09-26 15:31
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 108.167.156.117
Domain: www.elgawa.apptastic.sr
Port: 443
URL: https://www.elgawa.apptastic.sr/_profiler/empty/search/resultsFirst seen 2023-01-23 16:32
Last seen 2024-02-02 04:05
Open for 374 days-
Fingerprint: 407cf4363b0e62fafca67e07e77e8779e77e8779e77e8779e77e8779e77e8779
Symfony profiler enabled: https://www.elgawa.apptastic.sr/_profiler/empty/search/results
Found on 2024-02-02 04:05
-
Open service 108.167.156.117:443 · www.havenbeheer.apptastic.sr
2026-01-23 16:34
HTTP/1.1 301 Moved Permanently Date: Fri, 23 Jan 2026 16:34:47 GMT Server: Apache X-Redirect-By: WordPress Upgrade: h2,h2c Connection: Upgrade, close Location: https://havenbeheer.apptastic.sr/ Content-Length: 0 Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 108.167.156.117:443 · havenbeheer.apptastic.sr
2026-01-23 16:34
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 16:34:47 GMT Server: Apache Link: <https://havenbeheer.apptastic.sr/wp-json/>; rel="https://api.w.org/", <https://havenbeheer.apptastic.sr/wp-json/wp/v2/pages/9729>; rel="alternate"; title="JSON"; type="application/json", <https://havenbeheer.apptastic.sr/>; rel=shortlink Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 108.167.156.117:80 · www.havenbeheer.apptastic.sr
2026-01-23 16:34
HTTP/1.1 301 Moved Permanently Date: Fri, 23 Jan 2026 16:34:56 GMT Server: Apache X-Redirect-By: Solid Security Upgrade: h2,h2c Connection: Upgrade, close Location: https://havenbeheer.apptastic.sr/ Content-Length: 0 Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 108.167.156.117:80 · havenbeheer.apptastic.sr
2026-01-23 16:34
HTTP/1.1 301 Moved Permanently Date: Fri, 23 Jan 2026 16:34:56 GMT Server: Apache X-Redirect-By: Solid Security Upgrade: h2,h2c Connection: Upgrade, close Location: https://havenbeheer.apptastic.sr/ Content-Length: 0 Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 108.167.156.117:443 · www.japi.apptastic.sr
2026-01-23 15:39
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 15:39:19 GMT Server: Apache Cache-Control: private X-Debug-Token: 55ed75 Set-Cookie: bolt_session_1df967dc0cec3b4fd685791ba31e5a59=61bc79978b75e8c3c2ddb1cb6bd4f531; expires=Fri, 06-Feb-2026 15:39:19 GMT; Max-Age=1209600; path=/; HttpOnly Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 146.148.61.167:443 · b2b.apptastic.sr
2026-01-23 11:41
HTTP/1.1 303 SEE OTHER Server: nginx Date: Fri, 23 Jan 2026 11:41:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 197 Connection: close Location: /jobs Set-Cookie: frontend_lang=en_US; Expires=Sat, 23 Jan 2027 11:41:48 GMT; Path=/ Set-Cookie: session_id=MOJac_zovS1VDpsSa4p90yj4fcouh7s-WKF6JBTUJyKo-4b6V5eDgp_-LRUYFSa6Ef90XqmBpQzPzlss7cYC; Expires=Sat, 23 Jan 2027 11:41:48 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Strict-Transport-Security: max-age=31536000; includeSubDomains Page title: Redirecting... <!doctype html> <html lang=en> <title>Redirecting...</title> <h1>Redirecting...</h1> <p>You should be redirected automatically to the target URL: <a href="/jobs">/jobs</a>. If not, click the link.
Found 2026-01-23 by HttpPluginCreate report
-
Open service 146.148.61.167:80 · b2b.apptastic.sr
2026-01-23 11:41
HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 23 Jan 2026 11:41:48 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://b2b.apptastic.sr/ X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 108.167.156.117:80 · www.japi.apptastic.sr
2026-01-22 23:42
HTTP/1.1 200 OK Date: Thu, 22 Jan 2026 23:42:46 GMT Server: Apache Cache-Control: private X-Debug-Token: d7e90a Set-Cookie: bolt_session_1df967dc0cec3b4fd685791ba31e5a59=30be865ed3c3066d85b66585d5f03bf8; expires=Thu, 05-Feb-2026 23:42:46 GMT; Max-Age=1209600; path=/; HttpOnly Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-22 by HttpPluginCreate report
-
Open service 108.167.156.117:443 · japi.apptastic.sr
2026-01-22 20:39
HTTP/1.1 200 OK Date: Thu, 22 Jan 2026 20:39:43 GMT Server: Apache Cache-Control: private X-Debug-Token: a4f264 Set-Cookie: bolt_session_55c4c1e826fee5e47a26eff875bd82a5=2199b32468b15257443a5c0dfaa549fd; expires=Thu, 05-Feb-2026 20:39:43 GMT; Max-Age=1209600; path=/; HttpOnly Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-22 by HttpPluginCreate report