LeakIX - Host www.dsides.dev

Domain www.dsides.dev

Switzerland

Infomaniak Network SA

Software information

Apache Apache

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 84.16.76.224
Domain: www.dsides.dev
Port: 80
URL: http://www.dsides.dev

First seen 2023-04-10 21:13
Last seen 2024-05-13 00:59
Open for 398 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392ab381a1516acf5216c9384636f0625859c
```
Found 7 files trough .DS_Store spidering:

/build
/bundles
/fonts
/fonts/JoannaNova
/img
/media
/uploads
```
  Found on 2024-05-13 00:59
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 2001:1600:4:13:3648:edff:fef6:7990
Domain: www.dsides.dev
Port: 443
URL: https://www.dsides.dev/_profiler/empty/search/results

First seen 2022-09-24 23:33
Last seen 2024-05-13 02:56
Open for 596 days
- Fingerprint: 407cf4363b0e62fafca67e074950d89d4950d89d4950d89d4950d89d4950d89d
```
Symfony profiler enabled:
https://www.dsides.dev/_profiler/empty/search/results
```
  Found on 2024-05-13 02:56
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 84.16.76.224
Domain: www.dsides.dev
Port: 443
URL: https://www.dsides.dev

First seen 2023-02-03 21:53
Last seen 2024-05-13 02:56
Open for 464 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392ab381a1516acf5216c9384636f0625859c
```
Found 7 files trough .DS_Store spidering:

/build
/bundles
/fonts
/fonts/JoannaNova
/img
/media
/uploads
```
  Found on 2024-05-13 02:56
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 2001:1600:4:13:3648:edff:fef6:7990
Domain: www.dsides.dev
Port: 80
URL: http://www.dsides.dev/_profiler/empty/search/results

First seen 2022-09-24 23:33
Last seen 2024-05-13 01:42
Open for 596 days
- Fingerprint: 407cf4363b0e62fafca67e07b0ff1a98b0ff1a98b0ff1a98b0ff1a98b0ff1a98
```
Symfony profiler enabled:
http://www.dsides.dev/_profiler/empty/search/results
```
  Found on 2024-05-13 01:42
Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-05-13 02:56

HTTP/1.1 200 OK
date: Mon, 13 May 2024 02:56:38 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: b04f59
x-debug-token-link: https://www.dsides.dev/_profiler/b04f59
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-05-13 01:58

HTTP/1.1 200 OK
date: Mon, 13 May 2024 01:58:52 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: cd2319
x-debug-token-link: https://www.dsides.dev/_profiler/cd2319
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-05-13 01:42

HTTP/1.1 200 OK
date: Mon, 13 May 2024 01:42:32 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: d58a97
x-debug-token-link: http://www.dsides.dev/_profiler/d58a97
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-05-13 00:59

HTTP/1.1 200 OK
date: Mon, 13 May 2024 00:59:19 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 4e0ac9
x-debug-token-link: http://www.dsides.dev/_profiler/4e0ac9
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-13 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-05-08 22:00

HTTP/1.1 200 OK
date: Wed, 08 May 2024 22:01:29 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 4b60fc
x-debug-token-link: https://www.dsides.dev/_profiler/4b60fc
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-05-08 21:55

HTTP/1.1 200 OK
date: Wed, 08 May 2024 21:55:46 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: b0cd3c
x-debug-token-link: https://www.dsides.dev/_profiler/b0cd3c
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-05-08 21:55

HTTP/1.1 200 OK
date: Wed, 08 May 2024 21:55:21 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 017cc7
x-debug-token-link: http://www.dsides.dev/_profiler/017cc7
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-05-08 20:31

HTTP/1.1 200 OK
date: Wed, 08 May 2024 20:31:47 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 5c8b48
x-debug-token-link: http://www.dsides.dev/_profiler/5c8b48
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-08 by HttpPlugin

Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-05-07 22:54

HTTP/1.1 200 OK
date: Tue, 07 May 2024 22:54:30 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 06f9db
x-debug-token-link: https://www.dsides.dev/_profiler/06f9db
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-07 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-05-07 22:54

HTTP/1.1 200 OK
date: Tue, 07 May 2024 22:54:28 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: daae9f
x-debug-token-link: https://www.dsides.dev/_profiler/daae9f
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-07 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-05-07 22:54

HTTP/1.1 200 OK
date: Tue, 07 May 2024 22:54:26 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: a8e441
x-debug-token-link: http://www.dsides.dev/_profiler/a8e441
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-07 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-05-07 22:54

HTTP/1.1 200 OK
date: Tue, 07 May 2024 22:54:25 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 2092ec
x-debug-token-link: http://www.dsides.dev/_profiler/2092ec
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-07 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-05-01 03:13

HTTP/1.1 200 OK
date: Wed, 01 May 2024 03:13:58 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 94442f
x-debug-token-link: https://www.dsides.dev/_profiler/94442f
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-05-01 by HttpPlugin

Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-04-30 22:45

HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 22:45:50 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 363bfa
x-debug-token-link: https://www.dsides.dev/_profiler/363bfa
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-30 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-04-30 22:41

HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 22:41:53 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: aaa27e
x-debug-token-link: http://www.dsides.dev/_profiler/aaa27e
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-30 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-04-30 22:15

HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 22:15:50 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 137e08
x-debug-token-link: http://www.dsides.dev/_profiler/137e08
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-30 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-04-29 01:18

HTTP/1.1 200 OK
date: Mon, 29 Apr 2024 01:18:31 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 1eb3cb
x-debug-token-link: https://www.dsides.dev/_profiler/1eb3cb
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-29 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-04-28 22:05

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 22:05:31 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: ca5540
x-debug-token-link: http://www.dsides.dev/_profiler/ca5540
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-04-28 20:55

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 20:55:58 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 38aac2
x-debug-token-link: https://www.dsides.dev/_profiler/38aac2
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-04-28 19:02

HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 19:02:51 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: ad4aa4
x-debug-token-link: http://www.dsides.dev/_profiler/ad4aa4
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-28 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:443 · www.dsides.dev

2024-04-19 00:31

HTTP/1.1 200 OK
date: Fri, 19 Apr 2024 00:31:52 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: fd26be
x-debug-token-link: https://www.dsides.dev/_profiler/fd26be
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-19 by HttpPlugin

Create report

Open service 2001:1600:4:13:3648:edff:fef6:7990:80 · www.dsides.dev

2024-04-18 22:11

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 22:11:09 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: d1b547
x-debug-token-link: http://www.dsides.dev/_profiler/d1b547
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

Open service 84.16.76.224:80 · www.dsides.dev

2024-04-18 21:04

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 21:04:08 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 5ea0e2
x-debug-token-link: http://www.dsides.dev/_profiler/5ea0e2
x-robots-tag: noindex
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

Open service 84.16.76.224:443 · www.dsides.dev

2024-04-18 20:54

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 20:55:11 GMT
server: Apache
cache-control: no-cache, private
x-debug-token: 25117b
x-debug-token-link: https://www.dsides.dev/_profiler/25117b
x-robots-tag: noindex
strict-transport-security: max-age=16000000
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

Found 2024-04-18 by HttpPlugin

Create report

dsides.devwww.dsides.dev

Fingerprint:

7b71b4fba51731f4632e54f2507eb4fd45e823d9a346bd292f044cf573f311e1

CN:

dsides.dev

Key:

RSA-2048

Issuer:

Not before:

2024-05-07 21:54

Not after:

2024-08-05 21:54

dsides.devwww.dsides.dev

Fingerprint:

0c5bb8c5e9efecd671b9c4715e2668416052bba488ee79db40133cbe5e3837bd

CN:

dsides.dev

Key:

RSA-2048

Issuer:

Not before:

2024-03-05 20:54

Not after:

2024-06-03 20:54

Domain summary

www.dsides.dev 27

1 recorded

IP summary

84.16.76.224 1 2001:1600:4:13:3648:edff:fef6:7990 1

2 recorded

Domain www.dsides.dev

Switzerland

Software information

MacOS file listing through .DS_Store file

Symfony developement panel enabled

MacOS file listing through .DS_Store file

Symfony developement panel enabled

dsides.devwww.dsides.dev

dsides.devwww.dsides.dev

Domain summary

IP summary