The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e074d1d47c64d1d47c64d1d47c64d1d47c64d1d47c6
Symfony profiler enabled: https://qa.cms.mykey4.events/_profiler/empty/search/results
Open service 90.85.187.81:443 · qa.cms.mykey4.events
2024-05-21 16:12
HTTP/1.1 200 OK Date: Tue, 21 May 2024 16:12:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache, private X-App-Version: 1.0.4 X-Debug-Token: 67dcf3 X-Debug-Token-Link: https://qa.cms.mykey4.events/_profiler/67dcf3 X-Robots-Tag: noindex Strict-Transport-Security: max-age=31536000; includeSubDomains
Open service 90.85.187.81:80 · qa.cms.mykey4.events
2024-05-21 16:12
HTTP/1.1 308 Permanent Redirect Date: Tue, 21 May 2024 16:12:46 GMT Content-Type: text/html Content-Length: 164 Connection: close Location: https://qa.cms.mykey4.events Page title: 308 Permanent Redirect <html> <head><title>308 Permanent Redirect</title></head> <body> <center><h1>308 Permanent Redirect</h1></center> <hr><center>nginx</center> </body> </html>