LeakIX - Host 173.212.227.231

Host 173.212.227.231

Germany

Contabo GmbH

Ubuntu

Software information

Apache Apache 2.4.41

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 173.212.227.231
Port: 443
URL: https://173.212.227.231

First seen 2022-06-16 17:29
Last seen 2024-06-19 22:53
Open for 734 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b709e45be822e19d46ba1d45746964fdc
```
Found 14 files trough .DS_Store spidering:

/.htaccess
/.htaccess.save
/bootstrap
/build
/bundles
/css
/images
/images/app_icon.png
/images/logo.png
/images/nhs_logo.png
/images/noprofilepic.png
/index.php
/js
/manifest.webmanifest
```
  Found on 2024-06-19 22:53
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733fd8dfc16210d71178ad205fe3bb0ffc93
```
Found 10 files trough .DS_Store spidering:

/.htaccess
/.htaccess.save
/bootstrap
/build
/bundles
/css
/images
/index.php
/js
/manifest.webmanifest
```
  Found on 2024-06-17 22:17
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 173.212.227.231
Port: 443
URL: https://173.212.227.231/_profiler/empty/search/results

First seen 2022-09-12 17:56
Last seen 2024-06-19 22:53
Open for 646 days
- Fingerprint: 407cf4363b0e62fafca67e07a387ccfea387ccfea387ccfea387ccfea387ccfe
```
Symfony profiler enabled:
https://173.212.227.231/_profiler/empty/search/results
```
  Found on 2024-06-19 22:53
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 173.212.227.231
Port: 80
URL: http://173.212.227.231

First seen 2022-06-16 22:07
Last seen 2024-06-19 22:42
Open for 734 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b709e45be822e19d46ba1d45746964fdc
```
Found 14 files trough .DS_Store spidering:

/.htaccess
/.htaccess.save
/bootstrap
/build
/bundles
/css
/images
/images/app_icon.png
/images/logo.png
/images/nhs_logo.png
/images/noprofilepic.png
/index.php
/js
/manifest.webmanifest
```
  Found on 2024-06-19 22:42
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733fd8dfc16210d71178ad205fe3bb0ffc93
```
Found 10 files trough .DS_Store spidering:

/.htaccess
/.htaccess.save
/bootstrap
/build
/bundles
/css
/images
/index.php
/js
/manifest.webmanifest
```
  Found on 2024-06-09 22:14
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 173.212.227.231
Port: 80
URL: http://173.212.227.231/_profiler/empty/search/results

First seen 2022-07-15 10:44
Last seen 2024-06-19 22:42
Open for 705 days
- Fingerprint: 407cf4363b0e62fafca67e0711f5981111f5981111f5981111f5981111f59811
```
Symfony profiler enabled:
http://173.212.227.231/_profiler/empty/search/results
```
  Found on 2024-06-19 22:42
Create report

Open service 173.212.227.231:443

2024-06-19 22:53

HTTP/1.1 302 Found
Date: Wed, 19 Jun 2024 22:53:17 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 257af2
X-Debug-Token-Link: https://173.212.227.231/_profiler/257af2
X-Robots-Tag: noindex
Expires: Wed, 19 Jun 2024 22:53:17 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%22257af2%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Set-Cookie: PHPSESSID=5uv858sni5mf2fij9dhv3dd0qe; path=/; secure; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 13 hours ago by HttpPlugin

Create report

Open service 173.212.227.231:80

2024-06-19 22:42

HTTP/1.1 302 Found
Date: Wed, 19 Jun 2024 22:42:05 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 045a3c
X-Debug-Token-Link: http://173.212.227.231/_profiler/045a3c
X-Robots-Tag: noindex
Expires: Wed, 19 Jun 2024 22:42:05 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%22045a3c%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; httponly; samesite=lax
Set-Cookie: PHPSESSID=v5l0lgrrm92en04vi9o85cfd36; path=/; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 13 hours ago by HttpPlugin

Create report

Open service 173.212.227.231:80

2024-06-19 21:39

HTTP/1.1 302 Found
Date: Wed, 19 Jun 2024 21:39:43 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 9500a6
X-Debug-Token-Link: http://173.212.227.231/_profiler/9500a6
X-Robots-Tag: noindex
Expires: Wed, 19 Jun 2024 21:39:43 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%229500a6%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; httponly; samesite=lax
Set-Cookie: PHPSESSID=mt5kr88qeb4bm1jbjpn7a7d9at; path=/; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 14 hours ago by HttpPlugin

Create report

Open service 173.212.227.231:443

2024-06-19 21:27

HTTP/1.1 302 Found
Date: Wed, 19 Jun 2024 21:27:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 8454ce
X-Debug-Token-Link: https://173.212.227.231/_profiler/8454ce
X-Robots-Tag: noindex
Expires: Wed, 19 Jun 2024 21:27:06 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%228454ce%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Set-Cookie: PHPSESSID=2t8njncolajkf4080ag2078hjf; path=/; secure; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 14 hours ago by HttpPlugin

Create report

Open service 173.212.227.231:443

2024-06-17 22:17

HTTP/1.1 302 Found
Date: Mon, 17 Jun 2024 22:18:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 1a69e9
X-Debug-Token-Link: https://173.212.227.231/_profiler/1a69e9
X-Robots-Tag: noindex
Expires: Mon, 17 Jun 2024 22:18:06 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%221a69e9%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Set-Cookie: PHPSESSID=u0o5ng2i5uku0sptdmndpu84i4; path=/; secure; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 3 days ago by HttpPlugin

Create report

Open service 173.212.227.231:80

2024-06-17 21:58

HTTP/1.1 302 Found
Date: Mon, 17 Jun 2024 21:58:04 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 1d1116
X-Debug-Token-Link: http://173.212.227.231/_profiler/1d1116
X-Robots-Tag: noindex
Expires: Mon, 17 Jun 2024 21:58:04 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%221d1116%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; httponly; samesite=lax
Set-Cookie: PHPSESSID=0gl08fk15tq2mrl0a2scv3ntc4; path=/; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 3 days ago by HttpPlugin

Create report

Open service 173.212.227.231:443

2024-06-17 21:52

HTTP/1.1 302 Found
Date: Mon, 17 Jun 2024 21:52:41 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 1ba364
X-Debug-Token-Link: https://173.212.227.231/_profiler/1ba364
X-Robots-Tag: noindex
Expires: Mon, 17 Jun 2024 21:52:41 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%221ba364%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Set-Cookie: PHPSESSID=fcdntl4f216jiditin1s6c4f20; path=/; secure; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 3 days ago by HttpPlugin

Create report

Open service 173.212.227.231:80

2024-06-17 21:50

HTTP/1.1 302 Found
Date: Mon, 17 Jun 2024 21:50:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 071641
X-Debug-Token-Link: http://173.212.227.231/_profiler/071641
X-Robots-Tag: noindex
Expires: Mon, 17 Jun 2024 21:50:01 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%22071641%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; httponly; samesite=lax
Set-Cookie: PHPSESSID=15vnjvhp828v2verpth3btmgo0; path=/; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 3 days ago by HttpPlugin

Create report

Open service 173.212.227.231:443

2024-06-16 03:30

HTTP/1.1 302 Found
Date: Sun, 16 Jun 2024 03:30:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: max-age=0, must-revalidate, private
Location: /login
X-Debug-Token: 00d437
X-Debug-Token-Link: https://173.212.227.231/_profiler/00d437
X-Robots-Tag: noindex
Expires: Sun, 16 Jun 2024 03:30:07 GMT
Set-Cookie: sf_redirect=%7B%22token%22%3A%2200d437%22%2C%22route%22%3A%22app_default%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CDefaultController%22%2C%22method%22%3A%22app_default%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fsrc%5C%2FController%5C%2FDefaultController.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D; path=/; secure; httponly; samesite=lax
Set-Cookie: PHPSESSID=dudbcdcpem8ideah64mghj0l2b; path=/; secure; httponly; samesite=lax
Content-Length: 270
Connection: close
Content-Type: text/html; charset=UTF-8

Page title: Redirecting to /login

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="refresh" content="0;url='/login'" />

        <title>Redirecting to /login</title>
    </head>
    <body>
        Redirecting to <a href="/login">/login</a>.
    </body>
</html>

Found 2024-06-16 by HttpPlugin