LeakIX - Host 2.16.1.137

Host 2.16.1.137

Germany

Akamai International B.V.

Software information

AkamaiGHost

tcp/80

Microsoft-IIS 10.0

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 2.16.183.75
Domain: assets.ets-testready-nonprod.c.ets.org
Port: 443
URL: https://assets.ets-testready-nonprod.c.ets.org

First seen 2023-12-15 20:45
Last seen 2025-11-20 13:54
Open for 705 days

Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a02c33ef9db54b4cb6a1c54df915d2571e

Found 13 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/listening/1
/ttp/listening/2
/ttp/listening/practice1
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/writing
/ttp/writing/1
/ttp/writing/2

Found on 2025-11-20 13:54

Severity: low
Fingerprint: 5f32cf5d6962f09c8329733f8329733fab9e8c3667ebd8cdebd1d5a197b726b4

Found 10 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/speaking/1
/ttp/speaking/2
/ttp/writing

Found on 2025-11-14 07:33

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8c9dc8a08c9dc8a08c9dc8a08c9dc8a0
```
Found 1 files trough .DS_Store spidering:

/ttp
```
Found on 2025-11-02 18:34

Severity: low
Fingerprint: 5f32cf5d6962f09c8329733f8329733fab9e8c3667ebd8cdebd1d5a1f5b4e824

Found 10 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/writing
/ttp/writing/1
/ttp/writing/2

Found on 2025-10-24 13:48

Severity: low
Fingerprint: 5f32cf5d6962f09c3af247253af247252bcc2398a0868a7f3e5ce24ff8ff4e8b

Found 9 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/reading
/ttp/speaking
/ttp/speaking/1
/ttp/speaking/2
/ttp/writing
/ttp/writing/1
/ttp/writing/2

Found on 2025-10-10 07:24

Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab902b016a247ab7f1ad0efb458e140026

Found 7 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/reading
/ttp/speaking
/ttp/speaking/1
/ttp/speaking/2
/ttp/writing

Found on 2025-10-08 08:19

Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e94393c00492bc571bfaf18f6b3764ef77
```
Found 5 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/reading
/ttp/speaking
/ttp/writing
```
Found on 2025-10-04 05:14

Severity: low
Fingerprint: 5f32cf5d6962f09cec7f8772ec7f87726312fa1bf5712454b70345ebc4694f6f

Found 11 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/listening/1
/ttp/listening/2
/ttp/listening/practice1
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/writing

Found on 2024-12-16 10:35

Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a02c33ef9db54b4cb6a1c54df9675b2d26

Found 13 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/listening/1
/ttp/listening/2
/ttp/listening/practice1
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/speaking/1
/ttp/speaking/2
/ttp/writing

Found on 2024-12-02 16:09

Severity: low
Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d81b5692650f5b988e015d94118f9a2747

Found 8 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/listening/1
/ttp/listening/2
/ttp/listening/practice1
/ttp/reading
/ttp/speaking
/ttp/writing

Found on 2024-11-10 14:58

Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbea748cedf8328e4186efaf0d7a0446253

Found 15 files trough .DS_Store spidering:

/ttp
/ttp/listening
/ttp/listening/1
/ttp/listening/2
/ttp/listening/practice1
/ttp/reading
/ttp/reading/1
/ttp/reading/2
/ttp/reading/practice1
/ttp/speaking
/ttp/speaking/1
/ttp/speaking/2
/ttp/writing
/ttp/writing/1
/ttp/writing/2

Found on 2024-11-02 17:19

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 2.16.1.137
Domain: dataviz.pangea-cms.com
Port: 443
URL: https://dataviz.pangea-cms.com

First seen 2024-09-23 12:14
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642b9618ce7dde54115dde54115dde54115
```
Found 2 files trough .DS_Store spidering:

/.git
/README.md
```
  Found on 2024-09-23 12:14
Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 2.16.1.137
Domain: dataviz.pangea-cms.com
Port: 443
URL: https://dataviz.pangea-cms.com

First seen 2024-09-23 12:14

Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b3ee0a1f

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	longpaths = true
[remote "origin"]
	url = https://pangeadigital@dev.azure.com/pangeadigital/Microsites/_git/dataviz
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http]
	version = HTTP/1.1
[branch "develop"]
	remote = origin
	merge = refs/heads/develop
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2024-09-23 12:14

418 Bytes

Create report

Open service 2.16.1.137:443 · files.elle.gr

2026-01-26 13:04

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 1233
Date: Mon, 26 Jan 2026 13:04:18 GMT
Connection: close

Page title: 403 - Forbidden: Access is denied.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.1.137:80 · files.elle.gr

2026-01-26 13:04

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://files.elle.gr/
Date: Mon, 26 Jan 2026 13:04:39 GMT
Connection: close

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.1.137:80 · files.forbesgreece.gr

2026-01-26 10:45

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://files.forbesgreece.gr/
Date: Mon, 26 Jan 2026 10:45:40 GMT
Connection: close

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.1.137:443 · files.forbesgreece.gr

2026-01-26 10:45

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Timing-Allow-Origin: *
Content-Length: 1233
Date: Mon, 26 Jan 2026 10:45:18 GMT
Connection: close

Page title: 403 - Forbidden: Access is denied.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.1.137:80 · www.shop.heartstream.com

2026-01-11 02:28

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://www.shop.heartstream.com/
Expires: Sun, 11 Jan 2026 02:29:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 11 Jan 2026 02:29:21 GMT
Connection: close
Set-Cookie: user_country=CA; path=/; secure
Akamai-Cache-Status: NotCacheable from child

Found 2026-01-11 by HttpPlugin

Create report

Open service 2.16.1.137:443 · www.shop.heartstream.com

2026-01-11 02:28

HTTP/1.1 200 OK
Server: *
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html;charset=UTF-8
Content-Language: en
X-SAP-Pad: 3274
Vary: user-agent
Expires: Sun, 11 Jan 2026 02:28:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 11 Jan 2026 02:28:40 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=Y17-69a24592-a1f7-4b8f-98ce-bcc6bffb8f80; Path=/; Secure; HttpOnly; SameSite=None; Secure
Set-Cookie: country_currency_rememberme_cookie=US; Max-Age=1209600; Expires=Sun, 25 Jan 2026 02:28:40 GMT; Path=/; Secure; SameSite=None
Set-Cookie: country_currency_rememberme_cookie=:USD; Max-Age=1209600; Expires=Sun, 25 Jan 2026 02:28:40 GMT; Path=/; Secure; SameSite=None
Set-Cookie: JSESSIONID=Y17-69a24592-a1f7-4b8f-98ce-bcc6bffb8f80.accstorefront-7f657c9696-6v7wr; Path=/; Secure; HttpOnly; SameSite=None
Set-Cookie: ROUTE=.accstorefront-7f657c9696-6v7wr; Path=/; Secure; HttpOnly; SameSite=None
Set-Cookie: user_country=US; path=/; secure
Akamai-Cache-Status: NotCacheable from child

Found 2026-01-11 by HttpPlugin

Create report

Open service 2.16.1.137:80 · www.yupiii.gr

2026-01-05 04:36

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.yupiii.gr/
Date: Mon, 05 Jan 2026 04:36:27 GMT
Connection: close

Found 2026-01-05 by HttpPlugin

Create report

Open service 2.16.1.137:443 · www.yupiii.gr

2026-01-05 04:36

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 05 Jan 2026 04:34:34 GMT
Server: Microsoft-IIS/10.0
True-Client-IP: 78.87.212.23
X-AspNet-Version: 4.0.30319
Timing-Allow-Origin: *
server-instance: web1
Cache-Control: public, max-age=60
Expires: Mon, 05 Jan 2026 04:37:24 GMT
Date: Mon, 05 Jan 2026 04:36:24 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding

Found 2026-01-05 by HttpPlugin

Create report

Open service 2.16.1.137:443 · www.shape.gr

2026-01-05 01:36

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 05 Jan 2026 01:33:19 GMT
Server: Microsoft-IIS/10.0
True-Client-IP: 79.131.42.75
X-AspNet-Version: 4.0.30319
Timing-Allow-Origin: *
server-instance: web2
Cache-Control: public, max-age=60
Expires: Mon, 05 Jan 2026 01:37:08 GMT
Date: Mon, 05 Jan 2026 01:36:08 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding

Found 2026-01-05 by HttpPlugin

Create report

Open service 2.16.1.137:80 · www.missbloom.gr

2026-01-05 01:30

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.missbloom.gr/
Date: Mon, 05 Jan 2026 01:30:29 GMT
Connection: close

Found 2026-01-05 by HttpPlugin

Create report

Open service 2.16.1.137:80 · www.harpersbazaar.gr

2026-01-04 22:03

HTTP/1.1 307 Temporary Redirect
Server: AkamaiGHost
Content-Length: 0
Location: https://www.harpersbazaar.gr/
Date: Sun, 04 Jan 2026 22:03:44 GMT
Connection: close

Found 2026-01-04 by HttpPlugin

Create report

Open service 2.16.1.137:443 · www.harpersbazaar.gr

2026-01-04 22:03

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Last-Modified: Sun, 04 Jan 2026 22:00:09 GMT
Server: Microsoft-IIS/10.0
True-Client-IP: 62.74.61.29
X-AspNet-Version: 4.0.30319
Timing-Allow-Origin: *
server-instance: web1
Cache-Control: public, max-age=60
Expires: Sun, 04 Jan 2026 22:04:41 GMT
Date: Sun, 04 Jan 2026 22:03:41 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding

Found 2026-01-04 by HttpPlugin

Create report

Open service 2.16.1.137:80 · www.capital.gr

2026-01-04 22:02

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.capital.gr/
Date: Sun, 04 Jan 2026 22:02:10 GMT
Connection: close

Found 2026-01-04 by HttpPlugin

Create report

Open service 2.16.1.137:443 · www.capital.gr

2026-01-04 22:02

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
True-Client-IP: 5.55.79.155
X-AspNet-Version: 4.0.30319
Timing-Allow-Origin: *
server-instance: web2
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age-31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type
Cache-Control: private, max-age=36
Date: Sun, 04 Jan 2026 22:02:07 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding

Found 2026-01-04 by HttpPlugin