LeakIX - Host marketplaceapi.pitico.app

Domain marketplaceapi.pitico.app

Iran

Noyan Abr Arvan Co. ( Private Joint Stock)

Ubuntu

Software information

Apache Apache 2.4.52

tcp/443

ArvanCloud

tcp/8443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 185.143.233.120
Domain: marketplaceapi.pitico.app
Port: 8443
URL: https://marketplaceapi.pitico.app:8443

First seen 2024-09-02 17:39
Last seen 2024-10-20 07:24
Open for 47 days

Severity: low
Fingerprint: 5f32cf5d6962f09cf35cbfb3f35cbfb3e5971d0580e5d923ac0ad17e525eeaa2

Found 29 files trough .DS_Store spidering:

/assets
/assets/css
/assets/fonts
/assets/icons
/assets/js
/assets/media
/assets/media/image
/assets/media/svg
/vendors
/vendors/charts
/vendors/circle-progress
/vendors/ckeditor
/vendors/clockpicker
/vendors/colorpicker
/vendors/dataTable
/vendors/datepicker
/vendors/datepicker-jalali
/vendors/dropzone
/vendors/form-wizard
/vendors/fullcalendar
/vendors/input-mask
/vendors/lightbox
/vendors/nestable
/vendors/range-slider
/vendors/select2
/vendors/slick
/vendors/tagsinput
/vendors/tour
/vendors/vmap

Found on 2024-10-20 07:24

Severity: low
Fingerprint: 5f32cf5d6962f09c7c3d3e457c3d3e45344e5dd3e1d0895dd1084c382aa9122a

Found 30 files trough .DS_Store spidering:

/assets
/assets/css
/assets/fonts
/assets/icons
/assets/js
/assets/js/examples
/assets/media
/assets/media/image
/assets/media/svg
/vendors
/vendors/charts
/vendors/circle-progress
/vendors/ckeditor
/vendors/clockpicker
/vendors/colorpicker
/vendors/dataTable
/vendors/datepicker
/vendors/datepicker-jalali
/vendors/dropzone
/vendors/form-wizard
/vendors/fullcalendar
/vendors/input-mask
/vendors/lightbox
/vendors/nestable
/vendors/range-slider
/vendors/select2
/vendors/slick
/vendors/tagsinput
/vendors/tour
/vendors/vmap

Found on 2024-10-18 06:53

Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392abdc1b177de04e6debe1a6ecf664ed57a0

Found 7 files trough .DS_Store spidering:

/assets
/assets/css
/assets/fonts
/assets/icons
/assets/js
/assets/media
/vendors

Found on 2024-10-08 15:48

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 171.22.27.171
Domain: marketplaceapi.pitico.app
Port: 443
URL: https://marketplaceapi.pitico.app

First seen 2024-06-16 10:23
Last seen 2024-10-20 18:55
Open for 126 days

Severity: low
Fingerprint: 5f32cf5d6962f09c7c3d3e457c3d3e45344e5dd3e1d0895dd1084c382aa9122a

Found 30 files trough .DS_Store spidering:

/assets
/assets/css
/assets/fonts
/assets/icons
/assets/js
/assets/js/examples
/assets/media
/assets/media/image
/assets/media/svg
/vendors
/vendors/charts
/vendors/circle-progress
/vendors/ckeditor
/vendors/clockpicker
/vendors/colorpicker
/vendors/dataTable
/vendors/datepicker
/vendors/datepicker-jalali
/vendors/dropzone
/vendors/form-wizard
/vendors/fullcalendar
/vendors/input-mask
/vendors/lightbox
/vendors/nestable
/vendors/range-slider
/vendors/select2
/vendors/slick
/vendors/tagsinput
/vendors/tour
/vendors/vmap

Found on 2024-10-20 18:55

Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcad0419cc2e0ea8c4365f72b4119ad2c3

Found 22 files trough .DS_Store spidering:

/assets
/vendors
/vendors/charts
/vendors/circle-progress
/vendors/ckeditor
/vendors/clockpicker
/vendors/colorpicker
/vendors/dataTable
/vendors/datepicker
/vendors/datepicker-jalali
/vendors/dropzone
/vendors/form-wizard
/vendors/fullcalendar
/vendors/input-mask
/vendors/lightbox
/vendors/nestable
/vendors/range-slider
/vendors/select2
/vendors/slick
/vendors/tagsinput
/vendors/tour
/vendors/vmap

Found on 2024-10-02 16:08

Severity: low
Fingerprint: 5f32cf5d6962f09c8329733f8329733fa0a22501dbaa64878a2428eaf3acec2d

Found 10 files trough .DS_Store spidering:

/assets
/assets/css
/assets/fonts
/assets/icons
/assets/js
/assets/js/examples
/assets/media
/assets/media/image
/assets/media/svg
/vendors

Found on 2024-09-01 20:20

Create report

Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-11-20 03:28
Found 2024-11-20 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-11-18 02:22
Found 2024-11-18 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-11-16 03:52
Found 2024-11-16 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-11-02 05:15
Found 2024-11-02 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-11-01 03:04
Found 2024-11-01 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-10-30 04:35
Found 2024-10-30 by HttpPlugin
Create report
Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-10-22 07:18
Found 2024-10-22 by HttpPlugin
Create report

Open service 171.22.27.171:443 · marketplaceapi.pitico.app

2024-10-20 18:55

HTTP/1.1 500 Internal Server Error
Date: Sun, 20 Oct 2024 18:55:57 GMT
Server: Apache/2.4.52 (Ubuntu)
Upgrade: h2,h2c
Connection: Upgrade, close
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik9uZzFkWHYxMzlYQm9hVW9RQTVGdlE9PSIsInZhbHVlIjoiS3hjRms3WnAyN0pNQXdJR0VjcjN4c1VtMFNkR1JzaUZYVWNTOFBIR2Y4VGVTOThMVEFhUVJHcEVybkZWSWEzMmFJWUtENUREVVRsSmVNanAvNTh4VkdreWFPWFNlQmhUSjRUUEh5UFludkgzRVdWcFU4L0xNOEROWTgySHNEQkQiLCJtYWMiOiJjNzM4MGE2YzkwNTcwNDcyMjhjZDkyNjZlMzE3YzdjMGVjOWI4YzI5Mjg5ZGRjYzY1NTBlYjJjOTBjNjU0YjNhIiwidGFnIjoiIn0%3D; expires=Sun, 20 Oct 2024 20:55:57 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6IkxOQ0F0QUxTcVIyOERPZmU5YmE0a0E9PSIsInZhbHVlIjoicjRLM0NFREZ0eHRzd0gxZDdQZzR4L2x5RWxrTFhlSC8yc2J0ZTFKWVhpNkI1aUtxa3lKVi9IczBnOGw1eXNyM0paaWNPWXdPMUtQQlA0WVYwaDdaUmVhSE41Q1kxQlF2dmZ6dSt2QTZNUVdUcjNndDNQT3lNMzRKbTN5S0RSMjMiLCJtYWMiOiI2ZTU2ZTU0NTliZWY4NmQ0YzQ2NDRlZmI4MDFjZTNiYzFhOWFjYWRiN2NlY2MyNmEyYTliNGFkYWViZDZmN2NkIiwidGFnIjoiIn0%3D; expires=Sun, 20 Oct 2024 20:55:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Found 2024-10-20 by HttpPlugin

Create report

Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-10-20 07:24

HTTP/1.1 500 Internal Server Error
Date: Sun, 20 Oct 2024 07:24:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Upgrade: h2,h2c
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6IldTNzllSldycXh4bWxEeXRyRWJDYlE9PSIsInZhbHVlIjoiUTFjeTNOUkxCOE9nb2xVaDZsR3JaR3VVMWdQNGtwckZMZkM3RWxldCtoZHpJSFF1VmxpZ2RvVUdob09kQWZST0JZZ0t0bmtyTENLVGNlSmY3S3VIbGxXR0Y2VjZUWmtBVFJWbklnL2J4SzQ0ME1UUFFQdFduZENIL1BiZmtBejMiLCJtYWMiOiI1OTdkMTg3MDIwM2I2ZWIyOTVmMjQ5M2IxNmQ1MDVlNWExN2VhMDcwYTVmNTYyNDc1MjQ0MmYzN2VmOWFiYzM5IiwidGFnIjoiIn0%3D; expires=Sun, 20 Oct 2024 09:24:08 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6InhIRGQ0ZWtiZGV6VEJSSko5Uk5BSGc9PSIsInZhbHVlIjoicC9zRmJpQVdWanNyL0VlUjlhbUNFWExVQ2l2elh5NzNhd1BHemZCcFNCamZtQ1hQVmxOaVQxL21vdHY0SGR2cHNiRHFlOTZIMWV5eUc0RkM2dk5YeW1pK1plelFZZGU3dWFHTzFQTExKekoxemtJTGRCcTdPcnpRbGswRnQ5N3UiLCJtYWMiOiI0MDJjOGExNjU3YjM0OTgwYWNjZDk1MDM0YTI3NDA3MmFjYWQzNDljNGFhOGJiZjZkZmYyMmRlZGE2YjBlZDA0IiwidGFnIjoiIn0%3D; expires=Sun, 20 Oct 2024 09:24:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Content-Security-Policy: upgrade-insecure-requests
Server: ArvanCloud
Server-Timing: total;dur=193
X-Cache: BYPASS
X-Request-ID: c510c90f64772d6139b99b3a8ea1856f
X-SID: 4101

Found 2024-10-20 by HttpPlugin

Create report

Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-10-18 06:53

HTTP/1.1 500 Internal Server Error
Date: Fri, 18 Oct 2024 06:53:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Upgrade: h2,h2c
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6Iklwc2ZpU05tRVVNbGhQTmFkaWYyVXc9PSIsInZhbHVlIjoiTDlQTVowS05sUlBoQzZOU1hHZTM5OEgxRE0vSjQyRXdMYkZ5K3pQOS9xRDd0NmJRTGFHVGFNd0FIWW9ybUZ0dm5OYnZ3ZUhhSlVQU0x5QXMwRlhpT3E2cXV2RGtETlE4WUhsd1hJNjlpcjBmUHg3djdVbnRuZFVPb0FvdXA3cXUiLCJtYWMiOiJmYzNkMDdkZDBlNDdhZTcxZTdiZjFjN2NlZDM5NTJiOGU3ZTU1MGFiNmNmOTFmMzU5NTcxZGMyZjNhOTcyNjc3IiwidGFnIjoiIn0%3D; expires=Fri, 18 Oct 2024 08:53:26 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6Iko1cUg2QndaK0pOZm5WK2tQZTBsc3c9PSIsInZhbHVlIjoiQmJ0andPZm90ZWpSSzZ1WnlCaGkwb3N2ZEErVDhycnFZcnVGRWtBSmdpNHR6WFd1K20wQmVjZWwyOTk0RlhCZlBiM1FuT0xIT1YxeTdGalBHRFdtOEZBcFB1MEFPK01pT25jY1VySElteENDN2F4RWhvakJFZUJ3OEpROGVQSnMiLCJtYWMiOiI2NmZlYjA4MzNhM2ZiYTYzMGJkZjA4YzVhOTRhYTM1NzQ2MzBlZDI4YmJlYjVmZDBmZjM5MjU4NGU4NDg0YjM2IiwidGFnIjoiIn0%3D; expires=Fri, 18 Oct 2024 08:53:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Content-Security-Policy: upgrade-insecure-requests
Server: ArvanCloud
Server-Timing: total;dur=284
X-Cache: BYPASS
X-Request-ID: a26575f9ced81f2d1308b09251733b26
X-SID: 6110

Found 2024-10-18 by HttpPlugin

Create report

Open service 171.22.27.171:443 · marketplaceapi.pitico.app

2024-10-18 03:35

HTTP/1.1 500 Internal Server Error
Date: Fri, 18 Oct 2024 03:35:09 GMT
Server: Apache/2.4.52 (Ubuntu)
Upgrade: h2,h2c
Connection: Upgrade, close
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkNZOGNKUkRtNm02NmR4RmlaMVhKZFE9PSIsInZhbHVlIjoiRjNLRzNuOFlEczlrM0Q0dkxpVE5TVFJqbUVWeUNzRUVrWHVzVGpYejV4QW5rRFhxOTRiUmY3UjdyWG8wZTh4Wmd1SWRXNHlzY3p5WS9hTHIxK1dsdFRSeUc4VS9KOEo2dGp6Y1lqUGloUnErekZWVnQzK1Z1WVBOb2l2WTQ1RjAiLCJtYWMiOiI1ODIwODIxYWJjOWM5ZDQyZWY0MGMwZWRmNGU3MjkxNDFmZDkwMmVjMjJlZWY2Yjc2ODRlODViZjYwYmUyNDhlIiwidGFnIjoiIn0%3D; expires=Fri, 18 Oct 2024 05:35:09 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6IktjZDFnQ0FmT1NOYldOeW9zaTBkNFE9PSIsInZhbHVlIjoiWDRvODEwSXdSWGJuYVJkeEFyR1Z3L2RkTlliSzBQc3RiTFRUejdmcStqY2tJWUJIUzVKWUxCMUhLQ3diTmtjT3YxZFp1RXp2NE5WTTJNNjB3dTRiaFQ1RUhiNkN1aTJISnBWUURWSHI4V2pES2RwWmE0T0xBREhsUElwa1VjREgiLCJtYWMiOiI0Y2U0Y2VjMjhmMTczNjI3NDA4OGE1Y2E3YTdhNTI3OTU1MGM2MzA0MmViOGQxNTAxOGNlNDMwZTAwODUzYTNkIiwidGFnIjoiIn0%3D; expires=Fri, 18 Oct 2024 05:35:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Found 2024-10-18 by HttpPlugin

Create report

Open service 185.143.233.120:8443 · marketplaceapi.pitico.app

2024-10-17 03:56

HTTP/1.1 500 Internal Server Error
Date: Thu, 17 Oct 2024 03:56:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Upgrade: h2,h2c
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6Im4zRVhYQlNNSkVsWDIyc3JHRTlsVFE9PSIsInZhbHVlIjoiS3NjRzdpUm9Ca2xpbGZqZ21VbEZ1aDFPdmgrR0sxTDdrek5McDNzOXY0aVNIWVpLQm4zS2d5TlJnQzNWUVR2K2JjRGZacytFZkM1KysrNGtqclJIdXZ6ZXRZcm1ubENnRlRuTVE0clNhSWpVUzYyMS9NbVUrdVRVZTI4cFI1d04iLCJtYWMiOiI2MmYzMDUwMzM1Mjg4Y2FiZDI3ZmMwOWYzZWIxYmY0MjA0M2UyN2EyN2Q4YTYxZjMzM2U3YjBhMTEyMmNmOTExIiwidGFnIjoiIn0%3D; expires=Thu, 17 Oct 2024 05:56:22 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6Imh6TFMxeVZJSW1sWDlRRGROLzQ0aUE9PSIsInZhbHVlIjoiMUM5Y0FNWVQ2SmhyOCsrVitDczBsMHpjS3gzU0YzNllpSGRhZEVnSDQvQW9VQk5iTFdyRXdaZWo2NGJDN3JyYjVwYU9seXd2ZTQxNWVTQVlLZUhYMU1xbUJrWHlKOGROcnFVQ1QrbzI2SzVlRWg2R056dmZqMHY3UG1qV2o1WDYiLCJtYWMiOiI4NDFlN2Y2NWQyZDU0MmVlZWUzNDg2ZGNmZTVkYWQyN2Q1NjdkMDA4MTA4NTBiYjUwNmRjMzU4YzY1MWMyMWUwIiwidGFnIjoiIn0%3D; expires=Thu, 17 Oct 2024 05:56:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Content-Security-Policy: upgrade-insecure-requests
Server: ArvanCloud
Server-Timing: total;dur=439
X-Cache: BYPASS
X-Request-ID: 54bebe16d430261479f8965132020cb0
X-SID: 6110

Found 2024-10-17 by HttpPlugin

Create report

Open service 171.22.27.171:443 · marketplaceapi.pitico.app

2024-10-16 06:16

HTTP/1.1 500 Internal Server Error
Date: Wed, 16 Oct 2024 06:16:47 GMT
Server: Apache/2.4.52 (Ubuntu)
Upgrade: h2,h2c
Connection: Upgrade, close
Cache-Control: no-cache, private
Vary: Origin
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkgyclhuUWw0S0JEYlB3UjhyQzljVlE9PSIsInZhbHVlIjoiYTRSNjRNRnM2LzVZUWJzc0FYcHRGdmt0TGFncFdnZEMwWGRzT0ZmZWN5S210by9zL25VWXdUQmJLNTQvODZ1NmFNcllXZnpwZDNIME83RGhFQ2VCMkUwa1pFUTIzZFJkaDJJUGlKenZ6bS93eHJOL0VIVUpqZFI4UVpTTE9rL0EiLCJtYWMiOiIxZWJjMDMwYWZhMDNkNjAxZDQwMmM4N2UxOTEwMmQ5MzE4YzczOGQxOGYyNmZlMDBlOGQ0MjczYzcxYjIzODljIiwidGFnIjoiIn0%3D; expires=Wed, 16 Oct 2024 08:16:47 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6InpTRWV4UnMyRzNybnJTWm5ialQrVUE9PSIsInZhbHVlIjoiaFduTWdYMkxzMmdOQnJSU1lrV0lZQW16TWM5UVNtbGZlSTVUMDNIc3BrazdKNXhMM0RvWjBiYmZkNHpucmhXa1JrSHM5SlhUaTZrSm0va0tRM1VkZFIycG9DU0thTFdYT1luYmN4MHJ1MnhEQ01yRm9qNmJzb3BSd2FRVUthRkUiLCJtYWMiOiI3YzIyMDJmMzhkMWRlNzBlMzMxYTZhYTBhODBhNDhkMzY0NWZiMzVhZTFlOTNhNmVjNjAzMmM4ODdlMDdmNDRhIiwidGFnIjoiIn0%3D; expires=Wed, 16 Oct 2024 08:16:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH,DELETE
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Found 2024-10-16 by HttpPlugin

Create report

*.pitico.apppitico.app

Fingerprint:

27a2cb5d7fdb89ae971b5772c2e369ab5bb63200db5f836fa09f37758dfcd8d5

CN:

pitico.app

Key:

ECDSA-256

Issuer:

Not before:

2024-11-16 23:48

Not after:

2025-02-14 23:48

*.pitico.apppitico.app

Fingerprint:

712978580b589bc17c3c5ee6a13665a7288553b0625ff234160f14d5a20f6a41

CN:

pitico.app

Key:

ECDSA-256

Issuer:

Not before:

2024-08-25 00:22

Not after:

2024-11-23 00:22

marketplaceapi.pitico.app

Fingerprint:

72ed93264ef13aaa563bd54b16df825036347d5db82864343d1e635831ba9e3d

CN:

marketplaceapi.pitico.app

Key:

RSA-2048

Issuer:

R11

Not before:

2024-09-02 16:40

Not after:

2024-12-01 16:40

Domain summary

marketplaceapi.pitico.app 18

1 recorded

IP summary

185.143.233.120 2 171.22.27.171 1

2 recorded