Domain testing-eg.am-root.com
Egypt
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 197.50.97.192
Domain: testing-eg.am-root.com
Port: 443
URL: https://testing-eg.am-root.com/_profiler/empty/search/resultsFirst seen 2023-02-26 18:46
Last seen 2024-05-22 11:28
Open for 450 days-
Fingerprint: 407cf4363b0e62fafca67e07167ad868167ad868167ad868167ad868167ad868
Symfony profiler enabled: https://testing-eg.am-root.com/_profiler/empty/search/results
Found on 2024-05-22 11:28
-
Symfony developement panel enabled
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
- System configuration
- Request log, including POST request with credentials and/or api keys
IP: 41.38.128.189
Domain: auth.testing-eg.am-root.com
Port: 443
URL: https://auth.testing-eg.am-root.com/_profiler/empty/search/resultsFirst seen 2024-02-08 10:27
Last seen 2024-06-18 17:57
Open for 131 days-
Fingerprint: 407cf4363b0e62fafca67e079d19c2b89d19c2b89d19c2b89d19c2b89d19c2b8
Symfony profiler enabled: https://auth.testing-eg.am-root.com/_profiler/empty/search/results
Found on 2024-06-18 17:57
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-18 17:57
HTTP/1.1 302 Found Date: Tue, 18 Jun 2024 17:57:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 2df1c8 X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/2df1c8 X-Robots-Tag: noindex Expires: Tue, 18 Jun 2024 17:57:32 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%222df1c8%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=305c8ed367e40a79911591d18d54f95c; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2 days ago by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-16 03:20
HTTP/1.1 302 Found Date: Sun, 16 Jun 2024 03:20:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: edff59 X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/edff59 X-Robots-Tag: noindex Expires: Sun, 16 Jun 2024 03:20:27 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%22edff59%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=ebf3de534882c23cca96874f1191ba5c; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-16 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-12 21:25
HTTP/1.1 302 Found Date: Wed, 12 Jun 2024 21:25:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 80498c X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/80498c X-Robots-Tag: noindex Expires: Wed, 12 Jun 2024 21:25:13 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%2280498c%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=4f76ad8406b4f3e95561d84c820a69d9; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-12 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-10 18:41
HTTP/1.1 302 Found Date: Mon, 10 Jun 2024 18:41:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 1dd98c X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/1dd98c X-Robots-Tag: noindex Expires: Mon, 10 Jun 2024 18:41:13 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%221dd98c%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=f6994ec409f9453340e8885178b86d15; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-10 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-08 19:32
HTTP/1.1 302 Found Date: Sat, 08 Jun 2024 19:32:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 51d3ab X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/51d3ab X-Robots-Tag: noindex Expires: Sat, 08 Jun 2024 19:32:37 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%2251d3ab%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=235d378a335637f60e684383f89b914c; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-08 by HttpPluginCreate report
-
Open service 41.38.128.189:80 · auth.testing-eg.am-root.com
2024-06-07 08:28
HTTP/1.1 308 Permanent Redirect Date: Fri, 07 Jun 2024 08:28:40 GMT Content-Type: text/html Content-Length: 164 Connection: close Location: https://auth.testing-eg.am-root.com Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: 308 Permanent Redirect <html> <head><title>308 Permanent Redirect</title></head> <body> <center><h1>308 Permanent Redirect</h1></center> <hr><center>nginx</center> </body> </html>
Found 2024-06-07 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-07 08:28
HTTP/1.1 302 Found Date: Fri, 07 Jun 2024 08:28:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 5cf45e X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/5cf45e X-Robots-Tag: noindex Expires: Fri, 07 Jun 2024 08:28:47 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%225cf45e%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=7287cfdafaab2aa2d7c94e92880d9cc4; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-07 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-06 08:21
HTTP/1.1 302 Found Date: Thu, 06 Jun 2024 08:21:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: a8229c X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/a8229c X-Robots-Tag: noindex Expires: Thu, 06 Jun 2024 08:21:59 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%22a8229c%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=c28e4717fbeae53cc8a322e95fdcbf28; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-06 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-04 17:13
HTTP/1.1 302 Found Date: Tue, 04 Jun 2024 17:13:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: 449ee0 X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/449ee0 X-Robots-Tag: noindex Expires: Tue, 04 Jun 2024 17:13:09 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%22449ee0%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=8e466aa9eb2ad100cdc73bc42f9305a9; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-04 by HttpPluginCreate report
-
Open service 41.38.128.189:443 · auth.testing-eg.am-root.com
2024-06-02 19:11
HTTP/1.1 302 Found Date: Sun, 02 Jun 2024 19:11:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: max-age=0, must-revalidate, private Location: /ar/login X-Debug-Token: edf526 X-Debug-Token-Link: https://auth.testing-eg.am-root.com/_profiler/edf526 X-Robots-Tag: noindex Expires: Sun, 02 Jun 2024 19:11:05 GMT Set-Cookie: sf_redirect=%7B%22token%22%3A%22edf526%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22index%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fhtml%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A17%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax Set-Cookie: PHPSESSID=733ea99d6d1a200abcdf7c6a0edbbbbb; path=/; secure; httponly; samesite=lax Strict-Transport-Security: max-age=15724800; includeSubDomains Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization Access-Control-Max-Age: 1728000 Page title: Redirecting to /ar/login <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/ar/login'" /> <title>Redirecting to /ar/login</title> </head> <body> Redirecting to <a href="/ar/login">/ar/login</a>. </body> </html>Found 2024-06-02 by HttpPluginCreate report