Domain staging.api.empruntemontoutou.com
France
Software information
nginx
tcp/443 tcp/80
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 54.195.124.104
Domain: staging.api.empruntemontoutou.com
Port: 443
URL: https://staging.api.empruntemontoutou.com/_profiler/empty/search/resultsFirst seen 2022-08-25 04:47
Last seen 2024-05-13 13:19
Open for 627 days-
Fingerprint: 407cf4363b0e62fafca67e0744831d8344831d8344831d8344831d8344831d83
Symfony profiler enabled: https://staging.api.empruntemontoutou.com/_profiler/empty/search/results
Found on 2024-05-13 13:19
-
Open service 34.163.8.130:80 · staging.api.empruntemontoutou.com
2024-05-13 13:19
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 13 May 2024 13:19:06 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://staging.api.empruntemontoutou.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2024-05-13 by HttpPluginCreate report
-
Open service 34.163.8.130:443 · staging.api.empruntemontoutou.com
2024-05-13 13:19
HTTP/1.1 200 OK Server: nginx Content-Type: application/vnd.openapi+json; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept X-Content-Type-Options: nosniff X-Frame-Options: deny Cache-Control: no-cache, private Date: Mon, 13 May 2024 13:19:06 GMT Link: <https://staging.api.empruntemontoutou.com/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" ETag: "0635b552e566a0fa7a6797d4f85f0512" X-Debug-Token: a0eea2 X-Debug-Token-Link: https://staging.api.empruntemontoutou.com/_profiler/a0eea2 X-Robots-Tag: noindex X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: no-referrer-when-downgrade Content-Security-Policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'; Permissions-Policy: interest-cohort=() Strict-Transport-Security: max-age=31536000; includeSubDomains {"resourceNameCollection":["ApiPlatform\\State\\ApiResource\\Error","ApiPlatform\\Symfony\\Validator\\Exception\\ValidationException","App\\Account\\Domain\\Entity\\Customer","App\\Account\\Domain\\Entity\\CustomerAddress","App\\Account\\Domain\\Entity\\CustomerMisc","App\\Account\\Domain\\Entity\\CustomerProfile","App\\Account\\Domain\\Entity\\CustomerSetting","App\\Account\\Domain\\Entity\\DogProfile","App\\Account\\Domain\\Entity\\DogProfileAvailability","App\\Account\\Domain\\Entity\\Identity","App\\Account\\Domain\\Entity\\Memos","App\\Account\\Domain\\Entity\\Profile","App\\Account\\Domain\\Entity\\ProfileImage","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\Account","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\MemberAdministration","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\MemberAdministrationSubscription","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\MemberImagesAdministration","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\MemberTrackingAdministration","App\\Account\\Infrastructures\\ApiPlatform\\Ressource\\PublicProfileAPI","App\\CMS\\Domain\\Entity\\DisponibilityChoice","App\\CMS\\Domain\\Entity\\DogAffinityChoice","App\\CMS\\Domain\\Entity\\DogBreed","App\\CMS\\Domain\\Entity\\DogSize","App\\CMS\\Domain\\Entity\\SchemaRule","App\\CMS\\Domain\\Entity\\Screen","App\\CMS\\Domain\\Entity\\WebContent","App\\CMS\\Infrastructures\\ApiPlatform\\Ressource\\NotificationCard","App\\DynamicPages\\Infrastructures\\ApiPlatform\\Ressource\\ReviewStat","App\\EmailsAndPushes\\Domain\\Entity\\Notification","App\\Marketing\\Domain\\Entity\\ClientAttribute","App\\Marketing\\Domain\\Entity\\Survey","App\\Marketing\\Domain\\Entity\\SurveyQuestion","App\\Marketing\\Domain\\Entity\\SurveyResponse","App\\Marketing\\Domain\\Entity\\SurveyWording","App\\Marketing\\Domain\\Entity\\Wording","App\\MemberInteraction\\Domain\\Entity\\Discussion","App\\MemberInteraction\\Domain\\Entity\\DiscussionMessage","App\\MemberInteraction\\Domain\\Entity\\Favorite","App\\MemberInteraction\\Domain\\Entity\\Review","App\\Moderation\\Domain\\Entity\\BlacklistWord","App\\Moderation\\Domain\\Entity\\CustomerModeration","App\\Moderation\\Domain\\Entity\\CustomerModerationProxyModel","App\\Moderation\\Domain\\Entity\\CustomerReport","App\\Moderation\\Domain\\Entity\\ModerationReason","App\\Partnership\\Domain\\Entity\\CustomerInsurance","App\\Partnership\\Domain\\Entity\\Insurance","App\\Partnership\\Domain\\Entity\\Optin","App\\Partnership\\Domain\\Entity\\PartnerQuoteProspect","App\\Partnership\\Domain\\Entity\\Setting","App\\Partnership\\Domain\\Entity\\ShadowOptin","App\\Search\\Infrastructures\\ApiPlatform\\Ressource\\ScoreAPI","App\\Search\\Infrastructures\\ApiPlatform\\Ressource\\SearchAPI","App\\Security\\Infrastructures\\ApiPlatform\\Ressource\\Authentication","App\\Security\\Infrastructures\\ApiPlatform\\Ressource\\MobileRequirement","App\\Subscription\\Domain\\Entity\\IaphubSubscription","App\\Subscription\\Domain\\Entity\\InsuranceSubscription","App\\Subscription\\Domain\\Entity\\Intent","App\\Subscription\\Domain\\Entity\\ManualSubscription","App\\Subscription\\Domain\\Entity\\PermanentSubscription","App\\Subscription\\Domain\\Entity\\Price","App\\Subscription\\Domain\\Entity\\PriceBadge","App\\Subscription\\Domain\\Entity\\StripeDiscountCode","App\\Subscription\\Domain\\Entity\\StripePrice","App\\Subscription\\Domain\\Entity\\StripeProduct","App\\Subscription\\Domain\\Entity\\StripeSubscription","App\\Subscription\\Domain\\Entity\\Subscription"]}Found 2024-05-13 by HttpPluginCreate report