nginx 1.26.1
tcp/443 tcp/80
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e072f2c86ab2f2c86ab2f2c86ab2f2c86ab2f2c86ab
Symfony profiler enabled: https://test.allesneakers.nl/_profiler/empty/search/results
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e0783b59a0d83b59a0d83b59a0d83b59a0d83b59a0d
Symfony profiler enabled: https://136.144.220.209/_profiler/empty/search/results
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e0781d1822181d1822181d1822181d1822181d18221
Symfony profiler enabled: https://prospedium.nl/_profiler/empty/search/results
Open service 136.144.220.209:80 · portal.prospedium.com
2024-06-20 08:55
HTTP/1.1 301 Moved Permanently Server: nginx/1.26.1 Date: Thu, 20 Jun 2024 08:55:14 GMT Content-Type: text/html Content-Length: 169 Connection: close Location: https://portal.prospedium.com:443/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.26.1</center> </body> </html>
Open service 136.144.220.209:443 · portal.prospedium.com
2024-06-20 08:55
HTTP/1.1 302 Found Server: nginx/1.26.1 Date: Thu, 20 Jun 2024 08:55:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2f5t16tgoimdrpa4cu5cq6stqr; path=/; secure; HttpOnly; SameSite=Lax Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://portal.prospedium.com/user/auth/login
Open service 136.144.220.209:443
2024-06-19 21:56
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Wed, 19 Jun 2024 21:57:05 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 966834 X-Debug-Token-Link: https://136.144.220.209/_profiler/966834 X-Robots-Tag: noindex Expires: Wed, 19 Jun 2024 21:57:08 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-18 16:17
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Tue, 18 Jun 2024 16:17:59 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: d431e0 X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/d431e0 X-Robots-Tag: noindex Expires: Tue, 18 Jun 2024 16:18:03 GMT
Open service 136.144.220.209:443
2024-06-17 22:29
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Mon, 17 Jun 2024 22:29:44 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 903a2a X-Debug-Token-Link: https://136.144.220.209/_profiler/903a2a X-Robots-Tag: noindex Expires: Mon, 17 Jun 2024 22:29:47 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-16 18:15
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sun, 16 Jun 2024 18:15:25 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 7ba354 X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/7ba354 X-Robots-Tag: noindex Expires: Sun, 16 Jun 2024 18:15:28 GMT
Open service 136.144.220.209:22
2024-06-16 02:42
Open service 136.144.220.209:443
2024-06-15 22:53
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sat, 15 Jun 2024 22:53:09 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: f6deff X-Debug-Token-Link: https://136.144.220.209/_profiler/f6deff X-Robots-Tag: noindex Expires: Sat, 15 Jun 2024 22:53:11 GMT
Open service 136.144.220.209:443
2024-06-15 08:55
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sat, 15 Jun 2024 08:55:37 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 218a77 X-Debug-Token-Link: https://136.144.220.209/_profiler/218a77 X-Robots-Tag: noindex Expires: Sat, 15 Jun 2024 08:55:39 GMT
Open service 136.144.220.209:22
2024-06-13 14:45
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-12 15:29
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Wed, 12 Jun 2024 15:29:53 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 8333ad X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/8333ad X-Robots-Tag: noindex Expires: Wed, 12 Jun 2024 15:29:56 GMT
Open service 136.144.220.209:443
2024-06-11 21:02
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Tue, 11 Jun 2024 21:02:53 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 5a7026 X-Debug-Token-Link: https://136.144.220.209/_profiler/5a7026 X-Robots-Tag: noindex Expires: Tue, 11 Jun 2024 21:02:55 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-10 12:21
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Mon, 10 Jun 2024 12:21:27 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: f08dce X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/f08dce X-Robots-Tag: noindex Expires: Mon, 10 Jun 2024 12:21:30 GMT
Open service 136.144.220.209:443
2024-06-09 21:08
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sun, 09 Jun 2024 21:08:35 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 069ec2 X-Debug-Token-Link: https://136.144.220.209/_profiler/069ec2 X-Robots-Tag: noindex Expires: Sun, 09 Jun 2024 21:08:38 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-08 01:53
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sat, 08 Jun 2024 01:53:12 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 32f629 X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/32f629 X-Robots-Tag: noindex Expires: Sat, 08 Jun 2024 01:53:15 GMT
Open service 136.144.220.209:443
2024-06-07 19:57
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Fri, 07 Jun 2024 19:58:04 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: df2596 X-Debug-Token-Link: https://136.144.220.209/_profiler/df2596 X-Robots-Tag: noindex Expires: Fri, 07 Jun 2024 19:58:07 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-06 15:13
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Thu, 06 Jun 2024 15:13:29 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 9a075b X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/9a075b X-Robots-Tag: noindex Expires: Thu, 06 Jun 2024 15:13:32 GMT
Open service 136.144.220.209:443
2024-06-05 19:58
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Wed, 05 Jun 2024 19:58:23 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 592c3f X-Debug-Token-Link: https://136.144.220.209/_profiler/592c3f X-Robots-Tag: noindex Expires: Wed, 05 Jun 2024 19:58:25 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-04 17:39
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Tue, 04 Jun 2024 17:39:26 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: 86aaf3 X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/86aaf3 X-Robots-Tag: noindex Expires: Tue, 04 Jun 2024 17:39:29 GMT
Open service 136.144.220.209:443
2024-06-03 20:14
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Mon, 03 Jun 2024 20:14:43 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://136.144.220.209/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: fd52b3 X-Debug-Token-Link: https://136.144.220.209/_profiler/fd52b3 X-Robots-Tag: noindex Expires: Mon, 03 Jun 2024 20:14:46 GMT
Open service 136.144.220.209:443 · test.allesneakers.nl
2024-06-02 21:21
HTTP/1.1 200 OK Server: nginx/1.26.1 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=0, must-revalidate, private Date: Sun, 02 Jun 2024 21:21:09 GMT X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin permissions-policy: interest-cohort=() X-Powered-By: Bolt X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Link: <https://test.allesneakers.nl/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation" X-Debug-Token: bc3c2c X-Debug-Token-Link: https://test.allesneakers.nl/_profiler/bc3c2c X-Robots-Tag: noindex Expires: Sun, 02 Jun 2024 21:21:11 GMT