LeakIX - Host ted-clubmed.diji.fr

Domain ted-clubmed.diji.fr

France

AMAZON-02

Software information

nginx nginx

tcp/443

nginx nginx 1.25.5

tcp/80

Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 13.36.131.132
Domain: ted-clubmed.diji.fr
Port: 443
URL: https://ted-clubmed.diji.fr/_profiler/empty/search/results

First seen 2024-02-11 03:37
- Fingerprint: 407cf4363b0e62fafca67e077b97f57b7b97f57b7b97f57b7b97f57b7b97f57b
```
Symfony profiler enabled:
https://ted-clubmed.diji.fr/_profiler/empty/search/results
```
  Found on 2024-02-11 03:37
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 35.181.73.41
Domain: preprod.ted-clubmed.diji.fr
Port: 443
URL: https://preprod.ted-clubmed.diji.fr/_profiler/empty/search/results

First seen 2023-12-17 03:30
Last seen 2024-09-26 08:38
Open for 284 days
- Fingerprint: 407cf4363b0e62fafca67e07a68979b9a68979b9a68979b9a68979b9a68979b9
```
Symfony profiler enabled:
https://preprod.ted-clubmed.diji.fr/_profiler/empty/search/results
```
  Found on 2024-09-26 08:38
Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-26 08:38

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=8b0857ac40f92152498e4c3c3ac67f99; expires=Fri, 27 Sep 2024 08:38:09 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Thu, 26 Sep 2024 08:38:09 GMT
Location: /login_local
X-Debug-Token: edb7bb
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%22edb7bb%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2 days ago by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-25 03:28

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=727881bd4cb520a49534e2418af967f2; expires=Thu, 26 Sep 2024 03:28:53 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Wed, 25 Sep 2024 03:28:53 GMT
Location: /login_local
X-Debug-Token: 52dbe7
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%2252dbe7%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-25 by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-14 21:10

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=706ba65741811f146101ce2bbff91372; expires=Sun, 15 Sep 2024 21:10:53 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Sat, 14 Sep 2024 21:10:53 GMT
Location: /login_local
X-Debug-Token: 6b62da
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%226b62da%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-14 by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-13 00:17

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=5220053bba8bf8956bf6f732d1c6354c; expires=Sat, 14 Sep 2024 00:17:16 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Fri, 13 Sep 2024 00:17:16 GMT
Location: /login_local
X-Debug-Token: 28e90b
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%2228e90b%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-13 by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-11 03:34

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=7d2534e83c9122deab790aaf6df3e5fd; expires=Thu, 12 Sep 2024 03:34:25 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Wed, 11 Sep 2024 03:34:25 GMT
Location: /login_local
X-Debug-Token: b6d60c
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%22b6d60c%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-11 by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-08 23:45

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=6d7eb818dea46d57a57febe1ff7b1163; expires=Mon, 09 Sep 2024 23:45:26 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Sun, 08 Sep 2024 23:45:26 GMT
Location: /login_local
X-Debug-Token: 5c8510
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%225c8510%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-08 by HttpPlugin

Create report

Open service 35.181.73.41:443 · preprod.ted-clubmed.diji.fr

2024-09-06 20:51

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=01581684b4999d7a2ada4a9ca939df76; expires=Sat, 07 Sep 2024 20:51:26 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Fri, 06 Sep 2024 20:51:26 GMT
Location: /login_local
X-Debug-Token: f7f87c
X-Robots-Tag: noindex
Set-Cookie: sf_redirect=%7B%22token%22%3A%22f7f87c%22%2C%22route%22%3A%22log%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CLogin%5C%5CLoginLocalRoute%22%2C%22method%22%3A%22log%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Ffront%5C%2Fsrc%5C%2FController%5C%2FLogin%5C%2FLoginLocalRoute.php%22%2C%22line%22%3A40%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-09-06 by HttpPlugin

Create report

Open service 13.36.131.132:443 · ted-clubmed.diji.fr

2024-08-18 03:37

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: api=3b8972dff94cfb099f622754da843018; expires=Mon, 19 Aug 2024 03:38:02 GMT; Max-Age=86400; path=/; SameSite=Lax
Date: Sun, 18 Aug 2024 03:38:02 GMT
Location: /login_local
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: no-referrer-when-downgrade

Page title: Redirecting to /login_local

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login_local'" />

        <title>Redirecting to /login_local</title>
    </head>
    <body>
        Redirecting to <a href="/login_local">/login_local</a>.
    </body>
</html>

Found 2024-08-18 by HttpPlugin

Create report

Open service 13.36.131.132:80 · ted-clubmed.diji.fr

2024-08-18 03:37

HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.5
Date: Sun, 18 Aug 2024 03:37:57 GMT
Content-Type: text/html
Content-Length: 169
Connection: close
Location: https://ted-clubmed.diji.fr/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.25.5</center>
</body>
</html>

Found 2024-08-18 by HttpPlugin

Create report

preprod.ted-clubmed.diji.fr

Fingerprint:

b716e3d7a0b53f239afefb239c45684af84a6ec98478163838c57682b3d798bd

CN:

preprod.ted-clubmed.diji.fr

Key:

RSA-2048

Issuer:

R11

Not before:

2024-08-25 02:33

Not after:

2024-11-23 02:33

ted-clubmed.diji.fr

Fingerprint:

82a25edbc225d9304348605dd53efb9e76873216ff2d5e449d5823065f7cd522

CN:

ted-clubmed.diji.fr

Key:

RSA-2048

Issuer:

R10

Not before:

2024-08-18 02:39

Not after:

2024-11-16 02:39

Domain summary

preprod.ted-clubmed.diji.fr 7 ted-clubmed.diji.fr 2

2 recorded

IP summary

35.181.73.41 2 13.36.131.132 2

2 recorded

Domain ted-clubmed.diji.fr

France

Software information

Symfony developement panel enabled

Symfony developement panel enabled

preprod.ted-clubmed.diji.fr

ted-clubmed.diji.fr

Domain summary

IP summary