nginx
tcp/443
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab7a4b3253cb732edfa8260172696213e5
Found 7 files trough .DS_Store spidering: /app /app/mu-plugins /app/plugins /app/themes /index.php /wp /wp-config.php
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-14 21:34
HTTP/1.1 302 Found Server: nginx Date: Sat, 14 Sep 2024 21:34:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-14 07:12
HTTP/1.1 302 Found Server: nginx Date: Sat, 14 Sep 2024 07:12:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-12 23:58
HTTP/1.1 302 Found Server: nginx Date: Thu, 12 Sep 2024 23:58:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-12 20:45
HTTP/1.1 302 Found Server: nginx Date: Thu, 12 Sep 2024 20:45:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-11 03:15
HTTP/1.1 302 Found Server: nginx Date: Wed, 11 Sep 2024 03:15:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-10 18:44
HTTP/1.1 302 Found Server: nginx Date: Tue, 10 Sep 2024 18:44:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-08 22:50
HTTP/1.1 302 Found Server: nginx Date: Sun, 08 Sep 2024 22:50:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-08 18:50
HTTP/1.1 302 Found Server: nginx Date: Sun, 08 Sep 2024 18:50:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-07 00:02
HTTP/1.1 302 Found Server: nginx Date: Sat, 07 Sep 2024 00:02:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-09-06 21:59
HTTP/1.1 302 Found Server: nginx Date: Fri, 06 Sep 2024 21:59:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-16 22:56
HTTP/1.1 302 Found Server: nginx Date: Fri, 16 Aug 2024 22:56:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-16 20:49
HTTP/1.1 302 Found Server: nginx Date: Fri, 16 Aug 2024 20:49:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-14 22:35
HTTP/1.1 302 Found Server: nginx Date: Wed, 14 Aug 2024 22:36:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-14 20:31
HTTP/1.1 302 Found Server: nginx Date: Wed, 14 Aug 2024 20:31:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-12 21:44
HTTP/1.1 302 Found Server: nginx Date: Mon, 12 Aug 2024 21:44:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-12 04:12
HTTP/1.1 302 Found Server: nginx Date: Mon, 12 Aug 2024 04:13:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-10 23:52
HTTP/1.1 302 Found Server: nginx Date: Sat, 10 Aug 2024 23:52:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-10 21:10
HTTP/1.1 302 Found Server: nginx Date: Sat, 10 Aug 2024 21:10:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-08 23:11
HTTP/1.1 302 Found Server: nginx Date: Thu, 08 Aug 2024 23:11:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1
Open service 138.68.161.56:443 · cms.coref.co.uk
2024-08-08 21:12
HTTP/1.1 302 Found Server: nginx Date: Thu, 08 Aug 2024 21:12:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Link: <https://cms.coref.co.uk/wp-json/>; rel="https://api.w.org/", <https://cms.coref.co.uk/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://cms.coref.co.uk/>; rel=shortlink X-Redirect-By: WordPress Location: https://coref.co.uk/ X-Powered-By: PleskLin 1