LeakIX - Host platform-api.stage.hamhoush.ir

Domain platform-api.stage.hamhoush.ir

Iran

Noyan Abr Arvan Co. ( Private Joint Stock)

Software information

ArvanCloud

tcp/443

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 185.143.233.120
Domain: platform-api.stage.hamhoush.ir
Port: 443
URL: https://platform-api.stage.hamhoush.ir

First seen 2024-08-28 10:12
Last seen 2024-11-22 13:10
Open for 86 days
- Fingerprint: b18befd9dd653682c29a7ed7c29a7ed7c29a7ed7c29a7ed7c29a7ed7c29a7ed7
```
{"success":false,"message":"Not Found","data":null,"error_code":404}
```
  Found on 2024-11-22 13:10
Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-11-20 14:42

HTTP/1.1 200 OK
Date: Wed, 20 Nov 2024 14:42:25 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=248
X-Cache: BYPASS
X-Request-ID: 2583e90cc7dfaa030b7ad639617a23e8
X-SID: 6111
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-11-20 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-11-18 13:42

HTTP/1.1 200 OK
Date: Mon, 18 Nov 2024 13:42:55 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=264
X-Cache: BYPASS
X-Request-ID: 6c5974477dbe399ed973d46e8d712bfc
X-SID: 6110
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-11-18 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-11-16 16:43

HTTP/1.1 200 OK
Date: Sat, 16 Nov 2024 16:43:51 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=272
X-Cache: BYPASS
X-Request-ID: 5fa00e2249677bc6584cafe6f2ce626e
X-SID: 6231
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-11-16 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-11-02 10:24

HTTP/1.1 200 OK
Date: Sat, 02 Nov 2024 10:24:53 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=288
X-Cache: BYPASS
X-Request-ID: 83fd17c2bdc20629af0097603f7287be
X-SID: 6232
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-11-02 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-11-01 05:16

HTTP/1.1 200 OK
Date: Fri, 01 Nov 2024 05:16:05 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=272
X-Cache: BYPASS
X-Request-ID: bbff565498f416bad9e7c8d16f926a46
X-SID: 6230
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-11-01 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-10-30 04:42

HTTP/1.1 200 OK
Date: Wed, 30 Oct 2024 04:42:22 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=244
X-Cache: BYPASS
X-Request-ID: 3874ae2fb203f103ccd6b30fde870b73
X-SID: 6112
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-10-30 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-10-20 13:48

HTTP/1.1 200 OK
Date: Sun, 20 Oct 2024 13:48:48 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=164
X-Cache: BYPASS
X-Request-ID: 0bf454a835936307befb333298b5890b
X-SID: 4101
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-10-20 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-10-18 15:17

HTTP/1.1 200 OK
Date: Fri, 18 Oct 2024 15:17:17 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=265
X-Cache: BYPASS
X-Request-ID: 73104d84927272919418f35238a0e67e
X-SID: 6110
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-10-18 by HttpPlugin

Create report

Open service 185.143.233.120:443 · platform-api.stage.hamhoush.ir

2024-10-16 19:25

HTTP/1.1 200 OK
Date: Wed, 16 Oct 2024 19:25:59 GMT
Content-Type: application/json
Content-Length: 64
Connection: close
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self'; frame-src 'self'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https:; script-src 'self' https: 'unsafe-inline'
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(), vibrate=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: ArvanCloud
Server-Timing: total;dur=274
X-Cache: BYPASS
X-Request-ID: 20b2feae0faf5108adf1f68b85b8a246
X-SID: 6110
Accept-Ranges: bytes


{"success":true,"message":"سلام","data":null,"error_code":0}

Found 2024-10-16 by HttpPlugin

Create report

.dev.hamhoush.ir.hamhoush.ir.prd.hamhoush.ir.stage.hamhoush.ir

Fingerprint:

2ab4d89177ec12842fa7483caa3fd9ae031a19d6c6348fe888cd2bc99eadfc7b

CN:

*.hamhoush.ir

Key:

ECDSA-256

Issuer:

Not before:

2024-09-07 00:37

Not after:

2024-12-06 00:37

Domain summary

platform-api.stage.hamhoush.ir 9

1 recorded

IP summary

185.143.233.120 2

1 recorded

Domain platform-api.stage.hamhoush.ir

Iran

Software information

A JSON configuration file has been found

*.dev.hamhoush.ir*.hamhoush.ir*.prd.hamhoush.ir*.stage.hamhoush.ir

Domain summary

IP summary

.dev.hamhoush.ir.hamhoush.ir.prd.hamhoush.ir.stage.hamhoush.ir