Host 3.8.134.209
United Kingdom
Software information
Apache 2.4.52
tcp/443
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
IP: 3.8.134.209
Domain: dev.starexch.testingserverwm.com
Port: 443
URL: https://dev.starexch.testingserverwm.comFirst seen 2025-08-19 08:25
Last seen 2025-12-27 01:18
Open for 129 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c684e525d684e525dd2dfbd681291ca9ff9b65a214be9e5fdFound 27 files trough .DS_Store spidering: /.htaccess /abc.json /abc1.json /abc2.json /addons /affiliates_assets /assets /assets/css /assets/images /assets/js /assets/links /assets/ltfiles /assets/winmatch.apk /css /csvFile /favicon_io /feeds /gift.png /google6a16d3dfbbb263ef.html /googlec4f523def02eca7a.html /index.php /js /mix-manifest.json /robots.txt /sitemap.xml /version.xml /web.config
Found on 2025-12-27 01:18
-
-
Leak detected by NucleiPlugin
No description available
First seen 2021-06-29 11:42
Last seen 2021-07-10 09:13
Open for 10 days-
Fingerprint: 33fc8a384ee3c2e7663e82b9663e82b9cdc71a55e0ff963ee0ff963e30583a48
Nuclei scan report for tags wordpress, php, nginx: wordpress-user-enumeration : Wordpress user enumeration by Manas_Harsh & daffainfo ------------- wp-license-file : WordPress license file disclosure by yashgoti ------------- wordpress-xmlrpc-file : WordPress xmlrpc by udit_thakkur -------------
Found on 2021-07-10 09:13 -
Fingerprint: 33fc8a384ee3c2e738e1ea3738e1ea37009ef99b22f1e08844969c8844969c88
Nuclei scan report for tags wordpress, php: CVE-2017-5487 : WordPress Core < 4.7.1 - Username Enumeration by Manas_Harsh,daffainfo ------------- wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
Found on 2021-06-29 11:42
-
-
Open service 3.8.134.209:443 · dev.starexch.testingserverwm.com
2026-01-09 18:56
HTTP/1.1 302 Found Date: Fri, 09 Jan 2026 18:56:49 GMT Server: Apache/2.4.52 (Ubuntu) Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private Location: https://dev.starexch.testingserverwm.com/portalAccess Pragma: no-cache Expires: Sat, 01 Jan 1990 00:00:00 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: frame-ancestors 'none' Set-Cookie: XSRF-TOKEN=eyJpdiI6ImdHVkhlb3R6YU5PcmY5VTZPYlU3L1E9PSIsInZhbHVlIjoiMTlSMUxxSktZTGN6eEpLcjFyM2o5QnR0MzFMV2dXRzJlRVlNVGJpV0hKV0hCd0JJNlE4ZER5WTRqTlpxUXF6SVRkY2kydmJwRlN1ZEJOWmRkTis2ZDkxbGdIWUF5bXdQdWFiSWVyYkowYW5zTFFLdGRWekRCNks5UG1RWHFTR2wiLCJtYWMiOiI1Mzk1OTgxYjhkNWZkZDFjZWRiZGE5OGQ2ZjU5OTVjMDhhMjMyYjZhM2I1MmZkNGRlNjQyODcxNjkyNDg3Y2RlIiwidGFnIjoiIn0%3D; expires=Fri, 09-Jan-2026 20:56:49 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: laravel_session=xzAV6c0NMLm1tubAM9SV3XNKpiFA9E6aBZ8xmwHD; expires=Fri, 09-Jan-2026 20:56:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Page title: Redirecting to https://dev.starexch.testingserverwm.com/portalAccess <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://dev.starexch.testingserverwm.com/portalAccess'" /> <title>Redirecting to https://dev.starexch.testingserverwm.com/portalAccess</title> </head> <body> Redirecting to <a href="https://dev.starexch.testingserverwm.com/portalAccess">https://dev.starexch.testingserverwm.com/portalAccess</a>. </body> </html>Found 2 days ago by HttpPluginCreate report
-
Open service 3.8.134.209:443 · dev.starexch.testingserverwm.com
2025-12-23 04:17
HTTP/1.1 302 Found Date: Tue, 23 Dec 2025 04:17:33 GMT Server: Apache/2.4.52 (Ubuntu) Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private Location: https://dev.starexch.testingserverwm.com/portalAccess Pragma: no-cache Expires: Sat, 01 Jan 1990 00:00:00 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: frame-ancestors 'none' Set-Cookie: XSRF-TOKEN=eyJpdiI6ImwrWXRQUDQ5RlRaRFNUU3pOZEFVdXc9PSIsInZhbHVlIjoiM1JNZ3o5czRrTVBQWXhLL1krcjR3OGVrY1U2aTQ1TmI4b25TUnA2TkY1YmFHVE5xSlBlMUtxUEZhRFpmV2pnR1VvVW04QVJSb3ZRaHp6N25RenJIeXlHWlg3RWorTnhneVJ6MFdDTGluV0ttK2NKbDBSMlE0cmd3QVZ0bmJWOTUiLCJtYWMiOiJjYmE1ODBhZDgwOWI4ODUxZTY4Y2MyNzdjNjdiM2ViYWRiZGM5NmU3Zjc3NTUzOWQ5YTY5MGZiYjc1NmQ3MDM5IiwidGFnIjoiIn0%3D; expires=Tue, 23-Dec-2025 06:17:33 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: laravel_session=DfSyIjMFmWHCL5QrW0jd02CX9M6ilUPyJQBIQt0C; expires=Tue, 23-Dec-2025 06:17:33 GMT; Max-Age=7200; path=/; httponly; samesite=lax Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Page title: Redirecting to https://dev.starexch.testingserverwm.com/portalAccess <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://dev.starexch.testingserverwm.com/portalAccess'" /> <title>Redirecting to https://dev.starexch.testingserverwm.com/portalAccess</title> </head> <body> Redirecting to <a href="https://dev.starexch.testingserverwm.com/portalAccess">https://dev.starexch.testingserverwm.com/portalAccess</a>. </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 3.8.134.209:443 · dev.starexch.testingserverwm.com
2025-12-21 10:11
HTTP/1.1 302 Found Date: Sun, 21 Dec 2025 10:11:36 GMT Server: Apache/2.4.52 (Ubuntu) Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private Location: https://dev.starexch.testingserverwm.com/portalAccess Pragma: no-cache Expires: Sat, 01 Jan 1990 00:00:00 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: frame-ancestors 'none' Set-Cookie: XSRF-TOKEN=eyJpdiI6ImV2QTdBUjdpdnNiQitHUE1SQmNQVWc9PSIsInZhbHVlIjoibmp6L2o3djJnbVNRa2taMlZ6YW85ejBZcUpyWnh0alA2OXcyeGs5N2lGekZScExhUDlVS2xTU0lWN0hLZDh0aDc0NThQaEZHVitJMXZSK3FMb0NOSS94b0FpN1lieFJUaTVJZjF0OXpneTg0UnVpZHpYQlJ6eW9jQzZyK2RaUVIiLCJtYWMiOiJkMmU4MGM0ZWIyNzliMjA0M2U3YjhlYmRkNDAwNDJjOTZhYjMyZDU1YWQ5Y2E4MTcxYTEwODM0Y2Q3Mjk3ZTkwIiwidGFnIjoiIn0%3D; expires=Sun, 21-Dec-2025 12:11:36 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: laravel_session=4rqfv9ZhqAgBhPaGr70McYK7RSh1KGCHowrFAVOS; expires=Sun, 21-Dec-2025 12:11:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Page title: Redirecting to https://dev.starexch.testingserverwm.com/portalAccess <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://dev.starexch.testingserverwm.com/portalAccess'" /> <title>Redirecting to https://dev.starexch.testingserverwm.com/portalAccess</title> </head> <body> Redirecting to <a href="https://dev.starexch.testingserverwm.com/portalAccess">https://dev.starexch.testingserverwm.com/portalAccess</a>. </body> </html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 3.8.134.209:443 · dev.starexch.testingserverwm.com
2025-12-19 00:05
HTTP/1.1 302 Found Date: Fri, 19 Dec 2025 00:05:07 GMT Server: Apache/2.4.52 (Ubuntu) Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private Location: https://dev.starexch.testingserverwm.com/portalAccess Pragma: no-cache Expires: Sat, 01 Jan 1990 00:00:00 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: frame-ancestors 'none' Set-Cookie: XSRF-TOKEN=eyJpdiI6InlicVp5VjFyeE5WVnhyc2Z3Tm1UQlE9PSIsInZhbHVlIjoiK3hRMDhGL3ZqYVFpbFBYUW5mZWJDOFlKZUlxaTFxckdVUnNKcHo3SWM3Sm1ZdFFyUW0yb2NXcWovdVdiNGtGdXgyWTEvUnpoelBqYWpPMlJ4bUQ0S3dTK3Z3T3pSVFBQTUtXb2VKU2cxenR1TWh6TjVGT2lKYXVveDhvU242NWoiLCJtYWMiOiJhOGE4M2U3N2FkNGUwMjEyNjA2YTQ1N2QxYmMzMDA5MDgxNjg5NTk3MDhkZWRmMjY4OTU4ZWNjM2M2NmE3N2NkIiwidGFnIjoiIn0%3D; expires=Fri, 19-Dec-2025 02:05:07 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: laravel_session=QXq9YTCrumFCiL0KTxxPZX8BPP9DSbAzGjcjpE23; expires=Fri, 19-Dec-2025 02:05:07 GMT; Max-Age=7200; path=/; httponly; samesite=lax Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Page title: Redirecting to https://dev.starexch.testingserverwm.com/portalAccess <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://dev.starexch.testingserverwm.com/portalAccess'" /> <title>Redirecting to https://dev.starexch.testingserverwm.com/portalAccess</title> </head> <body> Redirecting to <a href="https://dev.starexch.testingserverwm.com/portalAccess">https://dev.starexch.testingserverwm.com/portalAccess</a>. </body> </html>Found 2025-12-19 by HttpPluginCreate report