Domain sw6.kh.labor.imc.gmbh
Germany
Software information
Apache
tcp/443
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 176.52.246.106
Domain: sw6.kh.labor.imc.gmbh
Port: 443
URL: https://sw6.kh.labor.imc.gmbh/_profiler/empty/search/resultsFirst seen 2022-09-17 23:00
Last seen 2024-09-26 13:43
Open for 739 days-
Fingerprint: 407cf4363b0e62fafca67e0783831a0f83831a0f83831a0f83831a0f83831a0f
Symfony profiler enabled: https://sw6.kh.labor.imc.gmbh/_profiler/empty/search/results
Found on 2024-09-26 13:43
-
Open service 176.52.246.106:443 · sw6.kh.labor.imc.gmbh
2024-09-26 13:43
HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 13:43:42 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 9fd441 X-Debug-Token-Link: https://sw6.kh.labor.imc.gmbh/_profiler/9fd441 X-Robots-Tag: noindex sw-invalidation-states: Age: 0 X-Symfony-Cache: GET /: miss, store Cache-Control: no-cache, private Set-Cookie: session-=m3mh64nhtl7k2ajg4qngv1kkka; path=/; secure; HttpOnly; SameSite=lax Set-Cookie: session-=m3mh64nhtl7k2ajg4qngv1kkka; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.switch-language]=9c92cb38cf3609bf6bf624d.FuL6wcGbD-EBQMo76nJIpXC_wIv4BYQUgCWVs4MraBw.RYfDrOzybNc1L6cLpEo7kSXYocaKVLN18lbAgfFqJi1hiL2K8KJciywQqQ; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.configure]=44ea5f4b263ebe6c.D0CtPFj6dMu1jvnt0LMMbt8Dwpd2y9DGc5XNSfKLVS8.PBSfbAyzQYHC-aq5tvFjL51Fr8cDrLOqPa21C5u8Pxp7GudOO7M9ndbtrA; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=55b5.A9g5eccfQVmzJPk2K6TK20mKxvZ1GLW1GBkMaIPIyi8.RodgLoxzcBHeT5BgaeuD7Hy7jqc5KfjNaShuMcX5nBttrWYutHsHLOBPng; path=/; secure; httponly; samesite=lax Vary: User-Agent,Accept-Encoding Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2 days ago by HttpPluginCreate report
-
Open service 176.52.246.106:443 · sw6.kh.labor.imc.gmbh
2024-09-24 16:07
HTTP/1.1 200 OK Date: Tue, 24 Sep 2024 16:07:45 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 95a925 X-Debug-Token-Link: https://sw6.kh.labor.imc.gmbh/_profiler/95a925 X-Robots-Tag: noindex sw-invalidation-states: Age: 1 X-Symfony-Cache: GET /: miss, store Cache-Control: no-cache, private Set-Cookie: session-=cqcroq59o7d2ndicpruq48g8g1; path=/; secure; HttpOnly; SameSite=lax Set-Cookie: session-=cqcroq59o7d2ndicpruq48g8g1; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.switch-language]=1ce3e4b.xhBZXL3M8p4nta7KywO3MjNHmraA9KFOYTVFQ5t-Nf0.j306CtD8lepq1J-4pFLZfmI-rPLhhvkoNFQUEd9LdJGcVQk2-KDE2Gzeng; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.configure]=9cbc8c6af0ea36371ba107.VU5oHbIUAQhnbFD2mlXNAzyHIzb0FusrRKeUQFf6FzQ.IiIwbtB5Y34UQRiprxi3MHLSRGWHIt1mPpPdDgaDRFU9IBEl0FU4ahI1GQ; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=dd7f602bdf.iaF2g03_miLY0b0pY0-o89hIJcherBsIcskFQz0dnrM.3Jcg5hq9zU2eu-RYLCvevaAbFfAG7n9yHftxNwVazNi6yA_LN43NV5Wp7A; path=/; secure; httponly; samesite=lax Vary: User-Agent,Accept-Encoding Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2024-09-24 by HttpPluginCreate report
-
Open service 176.52.246.106:443 · sw6.kh.labor.imc.gmbh
2024-09-14 12:44
HTTP/1.1 200 OK Date: Sat, 14 Sep 2024 12:44:57 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: 87d578 X-Debug-Token-Link: https://sw6.kh.labor.imc.gmbh/_profiler/87d578 X-Robots-Tag: noindex sw-invalidation-states: Age: 0 X-Symfony-Cache: GET /: miss, store Cache-Control: no-cache, private Set-Cookie: session-=1tnjp3mmk5s5oup7c8qlpus98h; path=/; secure; HttpOnly; SameSite=lax Set-Cookie: session-=1tnjp3mmk5s5oup7c8qlpus98h; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.switch-language]=42e7aab1cc74586aafa3b0123.uLGx_1E-LoO-bsHQWGgYVQ8HTCHFz34vewu_GIF33NE.3JzFsyVqZcbyX46gbSFgB1tzHhawmydbLl_SUM5anqOBnIHHY3tszPYHog; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.configure]=ce7e299f2301c8e02.UHiYapgeZBeCahq4_xvlJbMcunDm1Dld7zWcYzwCuco.aTnKH8dsDWWzBGPuynS1c_Is8yK2vFhljGL9GQ1PjoUYPNIk93lQbsowVw; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=dec119bae.qMBrp7aU1b6tVhbwEVpXkiZw_LFFbrApOduCyn_MDF8.6aQf-JvZhvidYnqTXBAm2HICpPUKK-ZeXa-1pQmUXQ7RqSTv6afi0cJidQ; path=/; secure; httponly; samesite=lax Vary: User-Agent,Accept-Encoding Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2024-09-14 by HttpPluginCreate report
-
Open service 176.52.246.106:443 · sw6.kh.labor.imc.gmbh
2024-09-08 15:04
HTTP/1.1 200 OK Date: Sun, 08 Sep 2024 15:04:18 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: abc67a X-Debug-Token-Link: https://sw6.kh.labor.imc.gmbh/_profiler/abc67a X-Robots-Tag: noindex sw-invalidation-states: Age: 1 X-Symfony-Cache: GET /: miss, store Cache-Control: no-cache, private Set-Cookie: session-=ppcc3i51o00j9b8t0o083dq0lc; path=/; secure; HttpOnly; SameSite=lax Set-Cookie: session-=ppcc3i51o00j9b8t0o083dq0lc; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.switch-language]=6c765c83a264a4fdb1cbbd6ce.eEl-L_PSkkxEcv9dktyaervPCAaZPbrKOL1Gz4ECi58.FSBOf5qg9ht8GrkU87neTu-APjLgDIK_U_IIlbMyptkMEU1jsrvneCAjjA; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.configure]=3d8.orQUVhSDKWO-RX0Vg16P72EAOzINalCFYqwZyz3cd1s._dFLHGG7WwDqCDB0-2n_gDAyS0tIHTvaF-JKiQSwHhj3hndvcOBRFM0_Hg; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=b5f46813.J5F9DCmjzp8plr4yz7ADxzBNDn06FbCJ2J6ljUkfSAI.a6FOYF_Wn81A9dlflYdAgx0keQ0XTfrnn_DA1GRJPk1OxVBfUduG9GKijg; path=/; secure; httponly; samesite=lax Vary: User-Agent,Accept-Encoding Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2024-09-08 by HttpPluginCreate report
-
Open service 176.52.246.106:443 · sw6.kh.labor.imc.gmbh
2024-08-18 09:40
HTTP/1.1 200 OK Date: Sun, 18 Aug 2024 09:40:11 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: deny X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Debug-Token: e3db31 X-Debug-Token-Link: https://sw6.kh.labor.imc.gmbh/_profiler/e3db31 X-Robots-Tag: noindex sw-invalidation-states: Age: 0 X-Symfony-Cache: GET /: miss, store Cache-Control: no-cache, private Set-Cookie: session-=t83ikaddcec5vi7hqfvc4r880f; path=/; secure; HttpOnly; SameSite=lax Set-Cookie: session-=t83ikaddcec5vi7hqfvc4r880f; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.switch-language]=28498c2.pkzTP0Q3fV2i-u_NIJ_lhXGX7sbk-SjyTONsoFro07w.8wWFDSFdNzv7qaD6ati10j_7rKOTrBvfYasgyBu8vdLjKetNFVwoNeu8vg; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.checkout.configure]=a96f63cb69aa46aa1f3edf3290337.HHtJtzCwQYhWDxmkH6_v67WNQpfVjLqhALJVwPUM_9k.Wywd-HP2OdhnSDToRund2N3BA-200-jtZuVlr4JDvrtRCSfGSPYt7Dlffg; path=/; secure; httponly; samesite=lax Set-Cookie: csrf[frontend.store-api.proxy]=cce564131db19.7ELXIsR37uHwhltEZ1s4i7XxRuGDtuaSmn_MXpw6IIo.3gCHSZUHj5mf_AwOLzJuxMS4EYbBxrPF4jSUMtptF7jYOL1vlTWduJO2Hg; path=/; secure; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2024-08-18 by HttpPluginCreate report