LeakIX - Host n.huggii.com

Domain n.huggii.com

Switzerland

Infomaniak Network SA

Software information

Apache Apache

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 185.181.161.246
Domain: n.huggii.com
Port: 80
URL: http://n.huggii.com

First seen 2022-10-05 10:21
Last seen 2024-05-08 20:27
Open for 581 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392ab381a1516acf5216c443a2b3b889f3e98
```
Found 7 files trough .DS_Store spidering:

/build
/bundles
/imgs
/imgs/Fwd__Job_Dating_Campus_Eductive_Lillenium
/pdf
/pdf/bls
/pdf/quotes
```
  Found on 2024-05-08 20:27
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9a7ba9f04e072c262ec54e351a88916c6
```
Found 5 files trough .DS_Store spidering:

/build
/bundles
/imgs
/imgs/Fwd__Job_Dating_Campus_Eductive_Lillenium
/pdf
```
  Found on 2023-04-22 19:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 185.181.161.246
Domain: n.huggii.com
Port: 443
URL: https://n.huggii.com

First seen 2022-10-05 10:21
Last seen 2024-05-13 01:47
Open for 585 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392ab381a1516acf5216c443a2b3b889f3e98
```
Found 7 files trough .DS_Store spidering:

/build
/bundles
/imgs
/imgs/Fwd__Job_Dating_Campus_Eductive_Lillenium
/pdf
/pdf/bls
/pdf/quotes
```
  Found on 2024-05-13 01:47
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 185.181.161.246
Domain: n.huggii.com
Port: 80
URL: http://n.huggii.com/_profiler/empty/search/results

First seen 2022-12-09 00:30
Last seen 2024-05-08 20:27
Open for 516 days
- Fingerprint: 407cf4363b0e62fafca67e074695b8964695b8964695b8964695b8964695b896
```
Symfony profiler enabled:
http://n.huggii.com/_profiler/empty/search/results
```
  Found on 2024-05-08 20:27
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 185.181.161.246
Domain: n.huggii.com
Port: 443
URL: https://n.huggii.com/_profiler/empty/search/results

First seen 2022-12-09 00:30
Last seen 2024-05-13 01:47
Open for 521 days
- Fingerprint: 407cf4363b0e62fafca67e073514211335142113351421133514211335142113
```
Symfony profiler enabled:
https://n.huggii.com/_profiler/empty/search/results
```
  Found on 2024-05-13 01:47
Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-13 01:47

HTTP/1.1 200 OK
date: Mon, 13 May 2024 01:48:01 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: e8107e
x-debug-token-link: https://n.huggii.com/_profiler/e8107e
x-robots-tag: noindex
expires: Mon, 13 May 2024 01:48:01 GMT
set-cookie: PHPSESSID=324bfecaed0e9f85e19841ca12e71dc6; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-13 01:44

HTTP/1.1 200 OK
date: Mon, 13 May 2024 01:44:12 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 5f021f
x-debug-token-link: https://n.huggii.com/_profiler/5f021f
x-robots-tag: noindex
expires: Mon, 13 May 2024 01:44:12 GMT
set-cookie: PHPSESSID=e005732f65b517e6bf6e5904b3931df1; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-08 21:49

HTTP/1.1 200 OK
date: Wed, 08 May 2024 21:49:55 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: f23b42
x-debug-token-link: https://n.huggii.com/_profiler/f23b42
x-robots-tag: noindex
expires: Wed, 08 May 2024 21:49:55 GMT
set-cookie: PHPSESSID=64ca0aa4716250f004d70468f1abd719; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-05-08 20:27

HTTP/1.1 200 OK
date: Wed, 08 May 2024 20:27:03 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 7a3054
x-debug-token-link: http://n.huggii.com/_profiler/7a3054
x-robots-tag: noindex
expires: Wed, 08 May 2024 20:27:04 GMT
set-cookie: PHPSESSID=7882d2c5fa9dcdef0785a85fd41faddf; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-05-08 17:39

HTTP/1.1 200 OK
date: Wed, 08 May 2024 17:39:02 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 84ffa1
x-debug-token-link: http://n.huggii.com/_profiler/84ffa1
x-robots-tag: noindex
expires: Wed, 08 May 2024 17:39:02 GMT
set-cookie: PHPSESSID=e027591bd0eb17ea06752ba48c632340; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-08 13:55

HTTP/1.1 200 OK
date: Wed, 08 May 2024 13:55:38 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 31b6d6
x-debug-token-link: https://n.huggii.com/_profiler/31b6d6
x-robots-tag: noindex
expires: Wed, 08 May 2024 13:55:39 GMT
set-cookie: PHPSESSID=f763178177c84a7b271bea6bac6e7658; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-01 03:12

HTTP/1.1 200 OK
date: Wed, 01 May 2024 03:12:59 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: f5dbbb
x-debug-token-link: https://n.huggii.com/_profiler/f5dbbb
x-robots-tag: noindex
expires: Wed, 01 May 2024 03:12:59 GMT
set-cookie: PHPSESSID=7670ae29cf8d3d3f599f30b0dc9f3a56; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-01 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-05-01 02:51

HTTP/1.1 200 OK
date: Wed, 01 May 2024 02:52:07 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: e6d729
x-debug-token-link: https://n.huggii.com/_profiler/e6d729
x-robots-tag: noindex
expires: Wed, 01 May 2024 02:52:08 GMT
set-cookie: PHPSESSID=c263e1c3a861bdd168d8476b807a1956; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-01 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-04-30 23:24

HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 23:24:34 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 7c2692
x-debug-token-link: http://n.huggii.com/_profiler/7c2692
x-robots-tag: noindex
expires: Tue, 30 Apr 2024 23:24:34 GMT
set-cookie: PHPSESSID=6c746d910ae334ff9e661d8d5d12db34; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-30 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-04-29 01:27

HTTP/1.1 200 OK
date: Mon, 29 Apr 2024 01:27:18 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 78f120
x-debug-token-link: https://n.huggii.com/_profiler/78f120
x-robots-tag: noindex
expires: Mon, 29 Apr 2024 01:27:19 GMT
set-cookie: PHPSESSID=f5965fa77a56f349beae3f850e4d0646; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-29 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-04-28 19:17

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 19:17:01 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: ec8ff9
x-debug-token-link: http://n.huggii.com/_profiler/ec8ff9
x-robots-tag: noindex
expires: Sun, 28 Apr 2024 19:17:02 GMT
set-cookie: PHPSESSID=602955d87f498d9f76fb3aa5a1c3dc11; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-04-28 19:01

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 19:01:54 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 58bdd3
x-debug-token-link: http://n.huggii.com/_profiler/58bdd3
x-robots-tag: noindex
expires: Sun, 28 Apr 2024 19:01:54 GMT
set-cookie: PHPSESSID=513f04a86425869dca6dba76dddb2bb0; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-04-28 18:59

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 18:59:42 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 60aad6
x-debug-token-link: https://n.huggii.com/_profiler/60aad6
x-robots-tag: noindex
expires: Sun, 28 Apr 2024 18:59:43 GMT
set-cookie: PHPSESSID=5390d34f4d1ef0b754e747c008723342; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-04-18 22:00

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 22:00:49 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: c06235
x-debug-token-link: https://n.huggii.com/_profiler/c06235
x-robots-tag: noindex
expires: Thu, 18 Apr 2024 22:00:50 GMT
set-cookie: PHPSESSID=4367bc99894a89abdca27cff94a8aa14; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-04-18 21:39

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 21:40:23 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 313c9a
x-debug-token-link: http://n.huggii.com/_profiler/313c9a
x-robots-tag: noindex
expires: Thu, 18 Apr 2024 21:40:24 GMT
set-cookie: PHPSESSID=9a6a35ea6f7bdd6e6dc909851a621c5e; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

Open service 185.181.161.246:443 · n.huggii.com

2024-04-18 21:16

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 21:16:48 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <https://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: f81525
x-debug-token-link: https://n.huggii.com/_profiler/f81525
x-robots-tag: noindex
expires: Thu, 18 Apr 2024 21:16:49 GMT
set-cookie: PHPSESSID=541615955a0a31dc47a93b805627fb6a; path=/; secure; httponly; samesite=lax
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

Open service 185.181.161.246:80 · n.huggii.com

2024-04-18 21:12

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 21:12:43 GMT
server: Apache
cache-control: max-age=0, must-revalidate, private
link: <http://n.huggii.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-debug-token: 6542d9
x-debug-token-link: http://n.huggii.com/_profiler/6542d9
x-robots-tag: noindex
expires: Thu, 18 Apr 2024 21:12:45 GMT
set-cookie: PHPSESSID=4354e235318f3f6a2b6b13a9e6a602d4; path=/; httponly; samesite=lax
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

preview.infomaniak.website.infomaniak.site.preview.infomaniak.website

Fingerprint:

bae2ba768711bb877bc328dc7e22c82df20699c5aa478175cc517329204b2b63

CN:

preview.infomaniak.website

Key:

RSA-2048

Issuer:

Sectigo RSA Domain Validation Secure Server CA

Not before:

2023-09-28 00:00

Not after:

2024-10-11 23:59

Domain summary

n.huggii.com 21

1 recorded

IP summary

185.181.161.246 2

1 recorded

Domain n.huggii.com

Switzerland

Software information

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Symfony developement panel enabled

Symfony developement panel enabled

preview.infomaniak.website*.infomaniak.site*.preview.infomaniak.website

Domain summary

IP summary

preview.infomaniak.website.infomaniak.site.preview.infomaniak.website