nginx-rc
tcp/443 tcp/80
“.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apple's “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbea4796a04329ec4afe9ad047c606711a6
Found 15 files through .DS_Store spidering: /activate.php /blog /Dockerfile /ethis.php /faq /huawei.php /index.php /logo.svg /logoColor.png /logoColor.svg /my /post_deploy.sh /README.md /task-definition.json /zoom.php
Severity: medium
Fingerprint: 5f32cf5d6962f09c7d264b917d264b91a76c6f614be886b8b65af229e5ae54a1
Found 52 files through .DS_Store spidering: /activate.php /blog /Dockerfile /ethis.php /faq /huawei.php /index.php /logo.svg /logoColor.png /logoColor.svg /my /my/about.php /my/activate.php /my/assets /my/audio /my/bank-islam-app.php /my/benefits-app.php /my/brand-guidelines.php /my/check-health.php /my/contact-us-post.php /my/contact-us.php /my/contact.php /my/css /my/dockerconfig /my/eid-fitri.php /my/extra-app-tng.php /my/extras-app.php /my/features.php /my/features2.php /my/hajj.php /my/images /my/includes /my/index.php /my/invoice-receipt.php /my/js /my/merchants.php /my/portfolio-details.html /my/portfolio.html /my/privacy-policy.php /my/raya-eid.php /my/return-and-refund-policy.php /my/sendemail.php /my/services.html /my/shop.html /my/support.php /my/team.php /my/terms-policy.php /my/webfonts /post_deploy.sh /README.md /task-definition.json /zoom.php
Severity: medium
Fingerprint: 5f32cf5d6962f09cdecb5675decb5675eb9ded4e68a3d1c8e79dc42247d2ae72
Found 81 files through .DS_Store spidering: /.git /.github /activate.php /blog /blog/index.php /blog/license.txt /blog/readme.html /blog/wp-activate.php /blog/wp-admin /blog/wp-blog-header.php /blog/wp-comments-post.php /blog/wp-config-bak.php /blog/wp-config-sample.php /blog/wp-config.php /blog/wp-content /blog/wp-content/index.php /blog/wp-content/plugins /blog/wp-content/plugins/google-site-kit /blog/wp-content/plugins/ilab-media-tools /blog/wp-content/plugins/ilab-media-tools/lib /blog/wp-content/plugins/ilab-media-tools/lib/mcloud-aws /blog/wp-content/plugins/ilab-media-tools/lib/mcloud-google /blog/wp-content/plugins/ilab-media-tools/lib/mcloud-symfony /blog/wp-content/themes /blog/wp-content/themes/index.php /blog/wp-content/themes/twentyfifteen /blog/wp-content/themes/twentyfifteen/404.php /blog/wp-content/themes/twentyfifteen/archive.php /blog/wp-content/themes/twentyfifteen/assets /blog/wp-content/themes/twentyfifteen/author-bio.php /blog/wp-content/themes/twentyfifteen/comments.php /blog/wp-content/themes/twentyfifteen/content-link.php /blog/wp-content/themes/twentyfifteen/content-none.php /blog/wp-content/themes/twentyfifteen/content-page.php /blog/wp-content/themes/twentyfifteen/content-search.php /blog/wp-content/themes/twentyfifteen/content.php /blog/wp-content/themes/twentyfifteen/css /blog/wp-content/themes/twentyfifteen/footer.php /blog/wp-content/themes/twentyfifteen/functions.php /blog/wp-content/themes/twentyfifteen/genericons /blog/wp-content/themes/twentyfifteen/header.php /blog/wp-content/themes/twentyfifteen/image.php /blog/wp-content/themes/twentyfifteen/inc /blog/wp-content/themes/twentyfifteen/index.php /blog/wp-content/themes/twentyfifteen/js /blog/wp-content/themes/twentyfifteen/page.php /blog/wp-content/themes/twentyfifteen/readme.txt /blog/wp-content/themes/twentyfifteen/rtl.css /blog/wp-content/themes/twentyfifteen/screenshot.png /blog/wp-content/themes/twentyfifteen/search.php /blog/wp-content/themes/twentyfifteen/sidebar.php /blog/wp-content/themes/twentyfifteen/single.php /blog/wp-content/themes/twentyfifteen/style.css /blog/wp-content/themes/twentytwenty /blog/wp-content/themes/twentytwentyone /blog/wp-content/themes/twentytwentytwo /blog/wp-content/upgrade /blog/wp-content/uploads /blog/wp-cron.php /blog/wp-includes /blog/wp-links-opml.php /blog/wp-load.php /blog/wp-login.php /blog/wp-mail.php /blog/wp-settings.php /blog/wp-signup.php /blog/wp-trackback.php /blog/xmlrpc.php /Dockerfile /ethis.php /faq /huawei.php /index.php /logo.svg /logoColor.png /logoColor.svg /my /post_deploy.sh /README.md /task-definition.json /zoom.php
The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65221920e35b
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/NoorLuminous/thenoor-co
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
Open service 103.164.203.67:80 · thenoor-web-api-bucket-staging.thenoor.co
2026-01-26 10:37
HTTP/1.1 301 Moved Permanently
Server: nginx-rc
Date: Mon, 26 Jan 2026 10:37:32 GMT
Content-Type: text/html
Content-Length: 174
Connection: close
Location: https://thenoor-web-api-bucket-staging.thenoor.co/
Page title: 301 Moved Permanently
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx-rc/1.27.1.2</center>
</body>
</html>
Open service 103.164.203.67:443 · thenoor-web-api-bucket-staging.thenoor.co
2026-01-26 10:37
HTTP/1.1 200 OK
Server: nginx-rc
Date: Mon, 26 Jan 2026 10:37:33 GMT
Content-Type: application/xml
Content-Length: 612
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Vary: Accept-Encoding
X-Amz-Id-2: c5b5987549aa76384c3422182f859f13f04386a6dacc09dbbea876b512d3fe0e
X-Amz-Request-Id: 188E419EA645FF5C
X-Content-Type-Options: nosniff
X-Ratelimit-Limit: 18430
X-Ratelimit-Remaining: 18430
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Cache-Control: public, max-age=31536000
<?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>thenoor-web-api-staging</Name><Prefix></Prefix><Marker></Marker><MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated><Contents><Key>reward-categories/01KFJ68QJFFYABRD2RTR2ZS72F.png</Key><LastModified>2026-01-22T06:29:01.766Z</LastModified><ETag>"55a7822d4c856c5134143ef86e04602c"</ETag><Size>47192</Size><Owner><ID>02d6176db174dc93cb1b899f7c6078f08654445fe8cf1b6ce98d8855f66bdbf4</ID><DisplayName>minio</DisplayName></Owner><StorageClass>STANDARD</StorageClass></Contents></ListBucketResult>
Open service 103.164.203.43:80 · blog.thenoor.co
2026-01-23 04:28
HTTP/1.1 200 OK
Server: nginx-rc
Date: Fri, 23 Jan 2026 04:28:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Link: <https://thenoor.co/blog/wp-json/>; rel="https://api.w.org/"
Open service 103.164.203.108:80 · geocode.thenoor.co
2026-01-05 02:05
HTTP/1.1 200 OK
Server: nginx-rc
Date: Mon, 05 Jan 2026 02:05:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 148
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
ETag: W/"94-WKbSc+gLImjDBYuSkg1UTwB7yN0"
X-Cache-Status: HIT
Cache-Control: public, max-age=31536000, immutable
{"message":"Thenoor Geocode API - Simple Version","endpoints":{"health":"/health-check","reverseGeocode":"/reverse?latitude={lat}&longitude={lng}"}}
Open service 103.164.203.108:443 · geocode.thenoor.co
2026-01-05 02:05
HTTP/1.1 200 OK
Server: nginx-rc
Date: Mon, 05 Jan 2026 02:05:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 148
Connection: close
Vary: Accept-Encoding
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
ETag: W/"94-WKbSc+gLImjDBYuSkg1UTwB7yN0"
X-Cache-Status: HIT
Cache-Control: public, max-age=31536000, immutable
{"message":"Thenoor Geocode API - Simple Version","endpoints":{"health":"/health-check","reverseGeocode":"/reverse?latitude={lat}&longitude={lng}"}}