Apache
tcp/443 tcp/80
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: medium
Fingerprint: 5f32cf5d6962f09cb3107650b3107650ab60e2eb9a773fe5ac2bf4ef66533767
Found 39 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/plugins/the-events-calendar /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-includes/blocks /wp-includes/certificates /wp-includes/css /wp-includes/customize /wp-includes/fonts /wp-includes/ID3 /wp-includes/images /wp-includes/IXR /wp-includes/js /wp-includes/pomo /wp-includes/random_compat /wp-includes/Requests /wp-includes/rest-api /wp-includes/SimplePie /wp-includes/Text /wp-includes/theme-compat /wp-includes/widgets /wp-snapshots /wp-snapshots/tmp
Severity: medium
Fingerprint: 5f32cf5d6962f09c8f03d7bd8f03d7bd7a5914b625030af26cd27f5e41240fec
Found 38 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/plugins/the-events-calendar /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-includes/blocks /wp-includes/certificates /wp-includes/css /wp-includes/customize /wp-includes/fonts /wp-includes/ID3 /wp-includes/images /wp-includes/IXR /wp-includes/js /wp-includes/pomo /wp-includes/random_compat /wp-includes/Requests /wp-includes/rest-api /wp-includes/SimplePie /wp-includes/Text /wp-includes/theme-compat /wp-includes/widgets /wp-snapshots
Severity: low
Fingerprint: 5f32cf5d6962f09cab28146bab28146bc5e644fc625d1ec0e0a5931c534f4c35
Found 21 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/plugins/the-events-calendar /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-snapshots
Severity: low
Fingerprint: 5f32cf5d6962f09c11d3744d11d3744df433c9e649bfb44262525d8e8adc43e4
Found 12 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-includes /wp-snapshots
Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e96cf7d2f2086cad06c8c5bec040662e2a
Found 5 files trough .DS_Store spidering: /audio /wp-admin /wp-content /wp-includes /wp-snapshots
Severity: low
Fingerprint: 5f32cf5d6962f09c3838040e3838040ef982103967f19ac3ced65ca5c772d122
Found 20 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-snapshots
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c11d3744d11d3744df433c9e649bfb44262525d8e8adc43e4
Found 12 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-includes /wp-snapshots
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: medium
Fingerprint: 5f32cf5d6962f09cb3107650b3107650ab60e2eb9a773fe5ac2bf4ef66533767
Found 39 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/plugins/the-events-calendar /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-includes/blocks /wp-includes/certificates /wp-includes/css /wp-includes/customize /wp-includes/fonts /wp-includes/ID3 /wp-includes/images /wp-includes/IXR /wp-includes/js /wp-includes/pomo /wp-includes/random_compat /wp-includes/Requests /wp-includes/rest-api /wp-includes/SimplePie /wp-includes/Text /wp-includes/theme-compat /wp-includes/widgets /wp-snapshots /wp-snapshots/tmp
Fingerprint: 5f32cf5d6962f09c11d3744d11d3744df433c9e649bfb44262525d8e8adc43e4
Found 12 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-includes /wp-snapshots
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c3838040e3838040ef982103967f19ac3ced65ca5c772d122
Found 20 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-content/blogs.dir /wp-content/languages /wp-content/mu-plugins /wp-content/plugins /wp-content/themes /wp-content/themes-ai1ec /wp-content/upgrade /wp-content/wptouch-data /wp-includes /wp-snapshots
Severity: low
Fingerprint: 5f32cf5d6962f09c11d3744d11d3744df433c9e649bfb44262525d8e8adc43e4
Found 12 files trough .DS_Store spidering: /audio /wp-admin /wp-admin/css /wp-admin/images /wp-admin/includes /wp-admin/js /wp-admin/maint /wp-admin/network /wp-admin/user /wp-content /wp-includes /wp-snapshots
PHPinfo page has been found in this directory. The PHPinfo page outputs a large amount of information about the current state of PHP.
This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.
Environment variables may contain credentials.
Fingerprint: 2c44e2a6278fb0134173d6fa8a4be714b772c9baaeb804978432088de8e2a375
Found PHP info page: $_SERVER['USER'] = apache $_SERVER['HOME'] = /usr/share/httpd $_SERVER['SCRIPT_NAME'] = /info.php $_SERVER['REQUEST_URI'] = /info.php $_SERVER['QUERY_STRING'] = no value $_SERVER['REQUEST_METHOD'] = GET $_SERVER['SERVER_PROTOCOL'] = HTTP/1.1 $_SERVER['GATEWAY_INTERFACE'] = CGI/1.1 $_SERVER['REMOTE_PORT'] = 59310 $_SERVER['SCRIPT_FILENAME'] = /home/blogs/public_html/info.php $_SERVER['SERVER_ADMIN'] = root@localhost $_SERVER['CONTEXT_DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['CONTEXT_PREFIX'] = no value $_SERVER['REQUEST_SCHEME'] = https $_SERVER['DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['REMOTE_ADDR'] = 134.122.112.12 $_SERVER['SERVER_PORT'] = 443 $_SERVER['SERVER_ADDR'] = 10.254.90.155 $_SERVER['SERVER_NAME'] = 194.80.70.51 $_SERVER['SERVER_SOFTWARE'] = Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 $_SERVER['SERVER_SIGNATURE'] = no value $_SERVER['PATH'] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin $_SERVER['HTTP_CONNECTION'] = close $_SERVER['HTTP_ACCEPT_ENCODING'] = gzip $_SERVER['HTTP_USER_AGENT'] = Go-http-client/1.1 $_SERVER['HTTP_HOST'] = 194.80.70.51 $_SERVER['proxy-nokeepalive'] = 1 $_SERVER['HTTPS'] = on $_SERVER['SCRIPT_URI'] = https://194.80.70.51/info.php $_SERVER['SCRIPT_URL'] = /info.php $_SERVER['UNIQUE_ID'] = YPQv5RtvkXjI-wprGvKt6wAAAAQ $_SERVER['FCGI_ROLE'] = RESPONDER $_SERVER['PHP_SELF'] = /info.php $_SERVER['REQUEST_TIME_FLOAT'] = 1626615781.4912 $_SERVER['REQUEST_TIME'] = 1626615781
PHPinfo page has been found in this directory. The PHPinfo page outputs a large amount of information about the current state of PHP.
This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.
Environment variables may contain credentials.
Fingerprint: 2c44e2a6278fb0134173d6fa8a4be714b772c9baaeb804978432088da1bb0dfd
Found PHP info page: $_SERVER['USER'] = apache $_SERVER['HOME'] = /usr/share/httpd $_SERVER['SCRIPT_NAME'] = /info.php $_SERVER['REQUEST_URI'] = /info.php $_SERVER['QUERY_STRING'] = no value $_SERVER['REQUEST_METHOD'] = GET $_SERVER['SERVER_PROTOCOL'] = HTTP/1.1 $_SERVER['GATEWAY_INTERFACE'] = CGI/1.1 $_SERVER['REMOTE_PORT'] = 60768 $_SERVER['SCRIPT_FILENAME'] = /home/blogs/public_html/info.php $_SERVER['SERVER_ADMIN'] = root@localhost $_SERVER['CONTEXT_DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['CONTEXT_PREFIX'] = no value $_SERVER['REQUEST_SCHEME'] = http $_SERVER['DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['REMOTE_ADDR'] = 167.99.133.28 $_SERVER['SERVER_PORT'] = 80 $_SERVER['SERVER_ADDR'] = 10.254.90.155 $_SERVER['SERVER_NAME'] = 194.80.70.51 $_SERVER['SERVER_SOFTWARE'] = Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 $_SERVER['SERVER_SIGNATURE'] = no value $_SERVER['PATH'] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin $_SERVER['HTTP_ACCEPT_ENCODING'] = gzip $_SERVER['HTTP_USER_AGENT'] = Go-http-client/1.1 $_SERVER['HTTP_HOST'] = 194.80.70.51 $_SERVER['proxy-nokeepalive'] = 1 $_SERVER['SCRIPT_URI'] = http://194.80.70.51/info.php $_SERVER['SCRIPT_URL'] = /info.php $_SERVER['UNIQUE_ID'] = YN3aj8SIIOAT1cMmg-pgugAAAAM $_SERVER['FCGI_ROLE'] = RESPONDER $_SERVER['PHP_SELF'] = /info.php $_SERVER['REQUEST_TIME_FLOAT'] = 1625152143.344 $_SERVER['REQUEST_TIME'] = 1625152143
Fingerprint: 2c44e2a6278fb0134173d6fa8a4be714b772c9baaeb804978432088d9d5ea0bb
Found PHP info page: $_SERVER['USER'] = apache $_SERVER['HOME'] = /usr/share/httpd $_SERVER['SCRIPT_NAME'] = /info.php $_SERVER['REQUEST_URI'] = /info.php $_SERVER['QUERY_STRING'] = no value $_SERVER['REQUEST_METHOD'] = GET $_SERVER['SERVER_PROTOCOL'] = HTTP/1.1 $_SERVER['GATEWAY_INTERFACE'] = CGI/1.1 $_SERVER['REMOTE_PORT'] = 37172 $_SERVER['SCRIPT_FILENAME'] = /home/blogs/public_html/info.php $_SERVER['SERVER_ADMIN'] = root@localhost $_SERVER['CONTEXT_DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['CONTEXT_PREFIX'] = no value $_SERVER['REQUEST_SCHEME'] = http $_SERVER['DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['REMOTE_ADDR'] = 167.99.133.28 $_SERVER['SERVER_PORT'] = 80 $_SERVER['SERVER_ADDR'] = 10.254.90.155 $_SERVER['SERVER_NAME'] = 194.80.70.51 $_SERVER['SERVER_SOFTWARE'] = Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 $_SERVER['SERVER_SIGNATURE'] = no value $_SERVER['PATH'] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin $_SERVER['HTTP_ACCEPT_ENCODING'] = gzip $_SERVER['HTTP_USER_AGENT'] = Go-http-client/1.1 $_SERVER['HTTP_HOST'] = 194.80.70.51 $_SERVER['proxy-nokeepalive'] = 1 $_SERVER['SCRIPT_URI'] = http://194.80.70.51/info.php $_SERVER['SCRIPT_URL'] = /info.php $_SERVER['UNIQUE_ID'] = YNotsLBI61MNlS7B2EQSIAAAAA8 $_SERVER['FCGI_ROLE'] = RESPONDER $_SERVER['PHP_SELF'] = /info.php $_SERVER['REQUEST_TIME_FLOAT'] = 1624911280.2083 $_SERVER['REQUEST_TIME'] = 1624911280
Fingerprint: 2c44e2a6278fb0134173d6fa8a4be714b772c9baaeb804978432088d300ec317
Found PHP info page: $_SERVER['USER'] = apache $_SERVER['HOME'] = /usr/share/httpd $_SERVER['SCRIPT_NAME'] = /info.php $_SERVER['REQUEST_URI'] = /info.php $_SERVER['QUERY_STRING'] = no value $_SERVER['REQUEST_METHOD'] = GET $_SERVER['SERVER_PROTOCOL'] = HTTP/1.1 $_SERVER['GATEWAY_INTERFACE'] = CGI/1.1 $_SERVER['REMOTE_PORT'] = 49660 $_SERVER['SCRIPT_FILENAME'] = /home/blogs/public_html/info.php $_SERVER['SERVER_ADMIN'] = root@localhost $_SERVER['CONTEXT_DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['CONTEXT_PREFIX'] = no value $_SERVER['REQUEST_SCHEME'] = http $_SERVER['DOCUMENT_ROOT'] = /home/blogs/public_html $_SERVER['REMOTE_ADDR'] = 167.71.13.196 $_SERVER['SERVER_PORT'] = 80 $_SERVER['SERVER_ADDR'] = 10.254.90.155 $_SERVER['SERVER_NAME'] = 194.80.70.51 $_SERVER['SERVER_SOFTWARE'] = Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 $_SERVER['SERVER_SIGNATURE'] = no value $_SERVER['PATH'] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin $_SERVER['HTTP_CONNECTION'] = close $_SERVER['HTTP_ACCEPT_ENCODING'] = gzip $_SERVER['HTTP_USER_AGENT'] = l9explore/1.0.0 $_SERVER['HTTP_HOST'] = 194.80.70.51 $_SERVER['proxy-nokeepalive'] = 1 $_SERVER['SCRIPT_URI'] = http://194.80.70.51/info.php $_SERVER['SCRIPT_URL'] = /info.php $_SERVER['UNIQUE_ID'] = YMZAKPJ-dbbtnjjAK7ejAgAAAAg $_SERVER['FCGI_ROLE'] = RESPONDER $_SERVER['PHP_SELF'] = /info.php $_SERVER['REQUEST_TIME_FLOAT'] = 1623605288.3504 $_SERVER['REQUEST_TIME'] = 1623605288
Open service 194.80.70.51:80
2024-06-20 01:35
HTTP/1.1 302 Found Date: Thu, 20 Jun 2024 01:35:45 GMT Server: Apache Location: https://194.80.70.51/ Content-Length: 205 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://194.80.70.51/">here</a>.</p> </body></html>
Open service 194.80.70.51:443
2024-06-02 12:08
HTTP/1.1 302 Found Date: Sun, 02 Jun 2024 12:08:50 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6ImY2eFFUdG5CMTZwZjZCeGs2K1JYZ0E9PSIsInZhbHVlIjoiYlQ5Z09La0hKWkN1azBvSnRwem5vS1hvck50NTc4ZkF0NzF6d0R5UlV0akRNNG5RSmhGVHQ1UnpvbVIzTWpsTUlyY3pTMUx3a214c2J4TG5PSDdIeFdIeHVFQlIxZ2o3ekdlTFFzKzZOaFltOXVueEhiN1hqWHFmWmozcG9ZZVUiLCJtYWMiOiIzYTQwOWFiZGI4YjdjMTY0YTgwYzNmOTYxY2UzODU5YmI1YzRiOTBlNTRlOGI5MmY2YmUwMmRmYzkwNjY4MzY3IiwidGFnIjoiIn0%3D; expires=Sun, 02-Jun-2024 14:08:50 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: cispr_session=eyJpdiI6Imcwei9HcWdMeitEU1p0SEJDM2tVSWc9PSIsInZhbHVlIjoiUERlSFQ4VmJxS0pYQm00aElBQzZXKzNtaTN0NUJsdXI5RGg1OWFPR1UzdFJwZDFlaGhHbng3SWFONWxEN1dDcG9LeS9LcEg5OENRY1dJSzFBV0pPbVYwYlU4MzRVOXFXakJCeXFUcytxN1IrMC9rc1dpTWY5NUVkazMzSi9xcUwiLCJtYWMiOiJmZDAxNmRjZWM2YjM3N2RlMzI1ODcyOTUyMThjYmUyM2I3NjUwMmNhYzE4YWViMmViNGM1YzdiM2Y1NjVmNzhlIiwidGFnIjoiIn0%3D; expires=Sun, 02-Jun-2024 14:08:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax Strict-Transport-Security: max-age=15552000; includeSubDomains Location: https://194.80.70.51/signin Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Page title: Redirecting to https://194.80.70.51/signin <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://194.80.70.51/signin'" /> <title>Redirecting to https://194.80.70.51/signin</title> </head> <body> Redirecting to <a href="https://194.80.70.51/signin">https://194.80.70.51/signin</a>. </body> </html>