Domain comfort.demo.men-at-work.de
Germany
Software information
nginx 1.14.0
tcp/443 tcp/80
nginx 1.18.0
tcp/443 tcp/80
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 141.101.37.32
Domain: comfort.demo.men-at-work.de
Port: 443
URL: https://comfort.demo.men-at-work.de/_profiler/empty/search/resultsFirst seen 2022-09-05 16:06
Last seen 2024-05-12 21:15
Open for 615 days-
Fingerprint: 407cf4363b0e62fafca67e07467c4a43467c4a43467c4a43467c4a43467c4a43
Symfony profiler enabled: https://comfort.demo.men-at-work.de/_profiler/empty/search/results
Found on 2024-05-12 21:15
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 141.101.37.32
Domain: comfort.demo.men-at-work.de
Port: 80
URL: http://comfort.demo.men-at-work.de/_profiler/empty/search/resultsFirst seen 2023-03-05 01:21
Last seen 2024-05-12 19:16
Open for 434 days-
Fingerprint: 407cf4363b0e62fafca67e07ab756774ab756774ab756774ab756774ab756774
Symfony profiler enabled: http://comfort.demo.men-at-work.de/_profiler/empty/search/results
Found on 2024-05-12 19:16
-
Open service 141.101.37.32:443 · comfort.demo.men-at-work.de
2024-05-12 21:15
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=jhblq40o4refionemokcilovqk; path=/; secure; HttpOnly; SameSite=lax Date: Sun, 12 May 2024 21:16:16 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 48f489 X-Debug-Token-Link: https://comfort.demo.men-at-work.de/_profiler/48f489 X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=jhblq40o4refionemokcilovqk; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=74ab49e267ac288cdc8c2d.taEnFfJrVV54Sp0bBqjH7vpQkS8hC9TFtNvloA6sXZk.xpJ-LaAAYHNIPKpZX8mjitcppVVVZKH90-yq6kneDvPk725ilF9sChJzzA; path=/; secure; httponly; samesite=lax
Found 2 days ago by HttpPluginCreate report
-
Open service 141.101.37.32:80 · comfort.demo.men-at-work.de
2024-05-12 19:16
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=drbvvr16sc154j1i8k3974t94g; path=/; HttpOnly; SameSite=lax Date: Sun, 12 May 2024 19:17:18 GMT X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 1de2fc X-Debug-Token-Link: http://comfort.demo.men-at-work.de/_profiler/1de2fc X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=drbvvr16sc154j1i8k3974t94g; path=/; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=903ba97.JliVzfQn9xMgj2KDnjxEDTdNb81KaTmMJorEfG7h2II.a2HkocJ1rUoYyzaw9msAYVI5PYUbBA-8buOxSDuJtelVdeW1oUC5YhTFWg; path=/; httponly; samesite=lax
Found 2 days ago by HttpPluginCreate report
-
Open service 141.101.37.32:80 · comfort.demo.men-at-work.de
2024-05-01 02:48
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=ho2qd1t8oae3iep4uarfr2d3d8; path=/; HttpOnly; SameSite=lax Date: Wed, 01 May 2024 02:48:05 GMT X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 1b129c X-Debug-Token-Link: http://comfort.demo.men-at-work.de/_profiler/1b129c X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=ho2qd1t8oae3iep4uarfr2d3d8; path=/; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=2de11771e7bd9a25225d78596.2DDPri2vEwPAgFNpyGdL0oU9j4iKRtzxIhu_BsFF16Y.kmqgzWyYVGeUyBwLuQY_5OYP5bzJNLOaY2HtQrI8-v-yeo6cGPlDWbPQJA; path=/; httponly; samesite=lax
Found 2024-05-01 by HttpPluginCreate report
-
Open service 141.101.37.32:443 · comfort.demo.men-at-work.de
2024-05-01 01:57
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=26117j8epusdlbl8dme8bbgkiv; path=/; secure; HttpOnly; SameSite=lax Date: Wed, 01 May 2024 01:58:02 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 3d0d2d X-Debug-Token-Link: https://comfort.demo.men-at-work.de/_profiler/3d0d2d X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=26117j8epusdlbl8dme8bbgkiv; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=7ee2c89445ac1.bFeE-g1R5Pulb6LbOQZ-5a8ZmfzTNTKMNHbKtBMzPAY.JBDVjER8kq3gIO2NVnUTs_Ah4ZuKe2LVZx36hCtqfncnGrKQRxS-lOw31Q; path=/; secure; httponly; samesite=lax
Found 2024-05-01 by HttpPluginCreate report
-
Open service 159.69.6.13:443 · comfort.demo.men-at-work.de
2024-04-29 08:23
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=e1f47gffl29aroq9kjjuefvdr7; path=/; secure; HttpOnly; SameSite=lax Date: Mon, 29 Apr 2024 08:23:19 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 06f298 X-Debug-Token-Link: https://comfort.demo.men-at-work.de/_profiler/06f298 X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=e1f47gffl29aroq9kjjuefvdr7; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=3ba9ea515d5f3b6ba5f28d3b2b39ea3.fsaLP9nUydf1bhbja1aVKGLQRgTWYunOwEuCBV4e4-s.T57obLGZip-WDVTaWhHcfC_jCFO1OtiktQ74fAZWk6IHqOxUveT6pYYKdQ; path=/; secure; httponly; samesite=lax
Found 2024-04-29 by HttpPluginCreate report
-
Open service 159.69.6.13:80 · comfort.demo.men-at-work.de
2024-04-29 08:23
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=5dcthpdbph5hbimboubah7l3rm; path=/; HttpOnly; SameSite=lax Date: Mon, 29 Apr 2024 08:23:18 GMT X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: da4a7d X-Debug-Token-Link: http://comfort.demo.men-at-work.de/_profiler/da4a7d X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=5dcthpdbph5hbimboubah7l3rm; path=/; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=8c7965678e5f3c4da8.cb-5XDhWKXQjM-kpyeEOn-TYUx3B7hjA8soTdjAUsuk.Ge_RJWAYWTsbXIhYqKVs3YuuI1utpUKypIx0Qn5hxL8_-_4yXjVuI0FLpA; path=/; httponly; samesite=lax
Found 2024-04-29 by HttpPluginCreate report
-
Open service 141.101.37.32:443 · comfort.demo.men-at-work.de
2024-04-28 20:21
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=p7klm0nejml8ud145vv1od5hmp; path=/; secure; HttpOnly; SameSite=lax Date: Sun, 28 Apr 2024 20:21:21 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: bde4cf X-Debug-Token-Link: https://comfort.demo.men-at-work.de/_profiler/bde4cf X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=p7klm0nejml8ud145vv1od5hmp; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=e3496c0.Bi0l3dqsylpnnLK2q-P06EQunKiRA7papGR5pd74CB4.QWBEtJLtgy1VpN3PkoKbkCEc9OnQYIxi-woU3J-Je29Te3S_l9agIC_w5w; path=/; secure; httponly; samesite=lax
Found 2024-04-28 by HttpPluginCreate report
-
Open service 141.101.37.32:80 · comfort.demo.men-at-work.de
2024-04-19 00:49
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=87te511rgtqs8kqnr89hhl67co; path=/; HttpOnly; SameSite=lax Date: Fri, 19 Apr 2024 00:50:01 GMT X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 30a97e X-Debug-Token-Link: http://comfort.demo.men-at-work.de/_profiler/30a97e X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=87te511rgtqs8kqnr89hhl67co; path=/; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=2ced52265e18.SxeBFUQ47sZpm93H6HbWoX6H0urjNr1C13fryfNtDi4.KCHQJAxiiL5a2uTqokSY4h-345KBYs8xuxOIhrc3P1k8JuRzHmqUlDb4ug; path=/; httponly; samesite=lax
Found 2024-04-19 by HttpPluginCreate report
-
Open service 141.101.37.32:443 · comfort.demo.men-at-work.de
2024-04-19 00:23
HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: session-=tc5nnl961pjbqessrjmmnob146; path=/; secure; HttpOnly; SameSite=lax Date: Fri, 19 Apr 2024 00:23:56 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 5955ee X-Debug-Token-Link: https://comfort.demo.men-at-work.de/_profiler/5955ee X-Robots-Tag: noindex Cache-Control: no-cache, private Set-Cookie: session-=tc5nnl961pjbqessrjmmnob146; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=f8f099c1e29fd08bc4a274279.uPIJZy1nswPwTuEu6cpvHUNIYMXtnYRDsDwMoJaGEEA.4sFILmod1lyofpBZuJwmS3E-FJCs-cwI0khZ1u_BXSuMsFEhTCriYbx9rA; path=/; secure; httponly; samesite=lax
Found 2024-04-19 by HttpPluginCreate report