LeakIX - Host 104.20.12.189

Host 104.20.12.189

CLOUDFLARENET

Software information

cloudflare

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 104.20.12.189
Domain: adminapi.rapiddirect.com
Port: 443
URL: https://adminapi.rapiddirect.com

First seen 2024-03-20 09:03
Last seen 2024-11-10 07:55
Open for 234 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f87724131daa3b75d1d50c5ff85e7e1e37dfe
```
Found 11 files trough .DS_Store spidering:

/.htaccess
/index.php
/lose.png
/make.sh
/PayPal.log
/pipdf
/rapid.ico
/robots.txt
/router.php
/static
/upload
```
  Found on 2024-11-10 07:55
Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-11-02 06:58

HTTP/1.1 200 OK
Date: Sat, 02 Nov 2024 06:58:06 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8dc23bf16c24dc5e-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-11-02 by HttpPlugin

Create report

Open service 104.20.12.189:443 · api.rapiddirect.com

2024-11-02 00:10

HTTP/1.1 200 OK
Date: Sat, 02 Nov 2024 00:10:22 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8dbfe6affdd1d2ea-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-11-02 by HttpPlugin

Create report

Open service 104.20.12.189:80 · api.rapiddirect.com

2024-11-02 00:10

HTTP/1.1 200 OK
Date: Sat, 02 Nov 2024 00:10:22 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,PUT,GET,DELETE
Access-Control-Allow-Headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8dbfe6ae3c95db0e-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-11-02 by HttpPlugin

Create report

Open service 104.20.12.189:8443 · api.rapiddirect.com

2024-11-02 00:10
Found 2024-11-02 by HttpPlugin
Create report
Open service 104.20.12.189:8443 · rapiddirect.com

2024-11-01 10:25
Found 2024-11-01 by HttpPlugin
Create report

Open service 104.20.12.189:80 · rapiddirect.com

2024-11-01 10:25

HTTP/1.1 200 OK
Date: Fri, 01 Nov 2024 10:25:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
cf-edge-cache: no-cache
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8dbb2efd9f5a3db2-LHR

Page title: One moment, please...


<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="robots" content="noindex, nofollow">
    <title>One moment, please...</title>
    <style>
    body {
        background: #F6F7F8;
        color: #303131;
        font-family: sans-serif;
        margin-top: 45vh;
        text-align: center;
    }
    </style>
    </head>
<body>
    <h1>Please wait while your request is being verified...</h1>
    <form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="GET">
    <input type="hidden" id="wsidchk" name="wsidchk"/>
    </form>
    <script>
    (function(){
        var west=+((+!+[]+!![]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])),
            east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+[])+(+!+[])),
            x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} },
            y=function(y,z){x() ? document.addEventListener('DOMContentLoaded',y,z) : document.attachEvent('onreadystatechange',y);};
        y(function(){
            document.getElementById('wsidchk').value = west + east;
            document.getElementById('wsidchk-form').submit();
        }, false);
    })();
    </script>
</body>
</html>

Found 2024-11-01 by HttpPlugin

Create report

Open service 104.20.12.189:443 · rapiddirect.com

2024-11-01 10:25

HTTP/1.1 200 OK
Date: Fri, 01 Nov 2024 10:25:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
cf-edge-cache: no-cache
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8dbb2eff0f6a948e-LHR

Page title: One moment, please...


<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="robots" content="noindex, nofollow">
    <title>One moment, please...</title>
    <style>
    body {
        background: #F6F7F8;
        color: #303131;
        font-family: sans-serif;
        margin-top: 45vh;
        text-align: center;
    }
    </style>
    </head>
<body>
    <h1>Please wait while your request is being verified...</h1>
    <form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="GET">
    <input type="hidden" id="wsidchk" name="wsidchk"/>
    </form>
    <script>
    (function(){
        var west=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])),
            east=+((+!+[])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])),
            x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} },
            y=function(y,z){x() ? document.addEventListener('DOMContentLoaded',y,z) : document.attachEvent('onreadystatechange',y);};
        y(function(){
            document.getElementById('wsidchk').value = west + east;
            document.getElementById('wsidchk-form').submit();
        }, false);
    })();
    </script>
</body>
</html>

Found 2024-11-01 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-11-01 03:31

HTTP/1.1 200 OK
Date: Fri, 01 Nov 2024 03:31:16 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8db8cf9adbc19f25-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-11-01 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-30 03:57

HTTP/1.1 200 OK
Date: Wed, 30 Oct 2024 03:58:00 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 8da87c015dfddc4c-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-30 by HttpPlugin

Create report

Open service 104.20.12.189:80

2024-10-28 23:50

HTTP/1.1 403 Forbidden
Date: Mon, 28 Oct 2024 23:50:01 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8d9ed363ef85942a-LHR


error code: 1003

Found 2024-10-28 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-20 21:34

HTTP/1.1 200 OK
Date: Sun, 20 Oct 2024 21:34:05 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8d5c2146aeaa42ca-EWR


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-20 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-18 23:30

HTTP/1.1 200 OK
Date: Fri, 18 Oct 2024 23:30:56 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8d4c51ae6b7fd3b5-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-18 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-17 01:32

HTTP/1.1 200 OK
Date: Thu, 17 Oct 2024 01:32:02 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8d3c884f6d416681-AMS


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-17 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-14 19:34

HTTP/1.1 200 OK
Date: Mon, 14 Oct 2024 19:34:51 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8d2a025b4c5ddb02-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-14 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-10-02 13:00

HTTP/1.1 200 OK
Date: Wed, 02 Oct 2024 13:00:19 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8cc4dfeb0a70926b-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-10-02 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-09-30 16:50

HTTP/1.1 200 OK
Date: Mon, 30 Sep 2024 16:50:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8cb5b5de9e3d18b3-FRA


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-09-30 by HttpPlugin

Create report

Open service 104.20.12.189:443 · adminapi.rapiddirect.com

2024-09-28 05:10

HTTP/1.1 200 OK
Date: Sat, 28 Sep 2024 05:10:26 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
access-control-allow-origin: *
access-control-allow-methods: POST,PUT,GET,DELETE
access-control-allow-headers: ApiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,version,userToken
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8ca13a1d4b9f6656-AMS


{"code":-1,"msg":"Interface address is abnormal","data":[],"err_msg":""}

Found 2024-09-28 by HttpPlugin

Create report

rapiddirect.com*.rapiddirect.com

Fingerprint:

7554b75d3082758053ae070427da338a720d22aba673775f0e68f69bbd249188

CN:

rapiddirect.com

Key:

ECDSA-256

Issuer:

WE1

Not before:

2024-11-01 12:59

Not after:

2025-01-30 12:59

rapiddirect.com*.rapiddirect.com

Fingerprint:

eb6b55dd3e6cf5db40afe26d7a0821b6970051567810f36d79b1346de9aaf57a

CN:

rapiddirect.com

Key:

ECDSA-256

Issuer:

WE1

Not before:

2024-09-03 09:43

Not after:

2024-12-02 09:43

Domain summary

adminapi.rapiddirect.com 10 api.rapiddirect.com 2 rapiddirect.com 2

3 recorded

Host 104.20.12.189

Software information

MacOS file listing through .DS_Store file

rapiddirect.com*.rapiddirect.com

rapiddirect.com*.rapiddirect.com

Domain summary