LeakIX - Host 66.235.200.145

Host 66.235.200.145

United States

NETWORK-SOLUTIONS-HOSTING

Software information

cloudflare

tcp/443 tcp/80 tcp/8443

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: danbaker.space
Port: 80
URL: http://danbaker.space/.vscode/sftp.json

First seen 2024-04-14 15:25
Last seen 2024-06-30 17:48
Open for 77 days
- Fingerprint: 13b3a7b17cfc7502c36c325d27ff37d7d27e06b97a692a319bd302e1336d4179
```
{
  "name": "My Server",
  "host": "67.222.38.82",
  "protocol": "ftp",
  "port": 21,
  "username": "admin@eastsideguitarschool.com",
  "remotePath": "public_html/.website_ec7dc097",
  "password": "SVp*aY_hnX=F",
  "uploadOnSave": true,
  "useTempFile": false,
  "openSsh": false
}
```
  Found on 2024-06-30 17:48
  
  282 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: danbaker.space
Port: 443
URL: https://danbaker.space/.vscode/sftp.json

First seen 2024-04-14 15:25
Last seen 2024-06-30 16:13
Open for 77 days
- Fingerprint: 13b3a7b17cfc7502c36c325d27ff37d7d27e06b97a692a319bd302e1336d4179
```
{
  "name": "My Server",
  "host": "67.222.38.82",
  "protocol": "ftp",
  "port": 21,
  "username": "admin@eastsideguitarschool.com",
  "remotePath": "public_html/.website_ec7dc097",
  "password": "SVp*aY_hnX=F",
  "uploadOnSave": true,
  "useTempFile": false,
  "openSsh": false
}
```
  Found on 2024-06-30 16:13
  
  282 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.danbaker.space
Port: 443
URL: https://www.danbaker.space/.vscode/sftp.json

First seen 2024-04-14 17:02
Last seen 2024-06-30 15:22
Open for 76 days
- Fingerprint: 13b3a7b17cfc7502c36c325d27ff37d7d27e06b97a692a319bd302e1336d4179
```
{
  "name": "My Server",
  "host": "67.222.38.82",
  "protocol": "ftp",
  "port": 21,
  "username": "admin@eastsideguitarschool.com",
  "remotePath": "public_html/.website_ec7dc097",
  "password": "SVp*aY_hnX=F",
  "uploadOnSave": true,
  "useTempFile": false,
  "openSsh": false
}
```
  Found on 2024-06-30 15:22
  
  282 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.danbaker.space
Port: 80
URL: http://www.danbaker.space/.vscode/sftp.json

First seen 2024-04-14 17:02
Last seen 2024-06-30 15:22
Open for 76 days
- Fingerprint: 13b3a7b17cfc7502c36c325d27ff37d7d27e06b97a692a319bd302e1336d4179
```
{
  "name": "My Server",
  "host": "67.222.38.82",
  "protocol": "ftp",
  "port": 21,
  "username": "admin@eastsideguitarschool.com",
  "remotePath": "public_html/.website_ec7dc097",
  "password": "SVp*aY_hnX=F",
  "uploadOnSave": true,
  "useTempFile": false,
  "openSsh": false
}
```
  Found on 2024-06-30 15:22
  
  282 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.enalta.com.mx
Port: 443
URL: https://www.enalta.com.mx/.vscode/sftp.json

First seen 2023-09-17 02:51
Last seen 2024-06-30 12:58
Open for 287 days
- Fingerprint: 13b3a7b17cfc7502c36c325defb89f331344bee40efd5fd0deec73c294f038d6
```
{
    "name": "Enalta",
    "host": "ftp.upgrade.red",
    "protocol": "ftp",
    "port": 21,
    "username": "enalta@upgrade.red",
    "password": "k{v7YK;v@$JU",
    "remotePath": "/",
    "uploadOnSave": true

}
```
  Found on 2024-06-30 12:58
  
  215 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: enalta.com.mx
Port: 443
URL: https://enalta.com.mx/.vscode/sftp.json

First seen 2023-09-17 02:51
Last seen 2024-06-30 11:04
Open for 287 days
- Fingerprint: 13b3a7b17cfc7502c36c325defb89f331344bee40efd5fd0deec73c294f038d6
```
{
    "name": "Enalta",
    "host": "ftp.upgrade.red",
    "protocol": "ftp",
    "port": 21,
    "username": "enalta@upgrade.red",
    "password": "k{v7YK;v@$JU",
    "remotePath": "/",
    "uploadOnSave": true

}
```
  Found on 2024-06-30 11:04
  
  215 Bytes
Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: expressercize.net
Port: 80
URL: http://expressercize.net

First seen 2024-05-28 13:05
Last seen 2024-06-30 09:52
Open for 32 days

Fingerprint: b18befd9dd6536ad3355122c0b42e37b0b42e37b2af9020c2af9020cff153852

{
    "name" : "plugin_bundle_license",

    "unique_identifier" : "rocket_lms_plugin_bundle",

    "version" : "1.7.2",

    "minimum_item_version" : "1.7.2",

    "product_version" : "1.7.2",

    "files"     :
    [
       
        {
            "root_directory"    : "/assignments/lists.blade.php",
            "update_directory"  : "resources/views/admin/webinars/assignments/lists.blade.php"
        },
        {
            "root_directory"    : "/bundles/lists.blade.php",
            "update_directory"  : "resources/views/admin/bundles/lists.blade.php"
        },
        {
            "root_directory"    : "/installment/settings/index.blade.php",
            "update_directory"  : "resources/views/admin/financial/installments/settings/index.blade.php"
        },
        {
            "root_directory"    : "/registration_bonus/index.blade.php",
            "update_directory"  : "resources/views/admin/registration_bonus/settings/index.blade.php"
        }

    ]
}

Found on 2024-06-30 09:52

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: www.expressercize.net
Port: 443
URL: https://www.expressercize.net

First seen 2024-05-28 13:05
Last seen 2024-06-30 08:13
Open for 32 days

Fingerprint: b18befd9dd6536ad3355122c0b42e37b0b42e37b2af9020c2af9020cff153852

{
    "name" : "plugin_bundle_license",

    "unique_identifier" : "rocket_lms_plugin_bundle",

    "version" : "1.7.2",

    "minimum_item_version" : "1.7.2",

    "product_version" : "1.7.2",

    "files"     :
    [
       
        {
            "root_directory"    : "/assignments/lists.blade.php",
            "update_directory"  : "resources/views/admin/webinars/assignments/lists.blade.php"
        },
        {
            "root_directory"    : "/bundles/lists.blade.php",
            "update_directory"  : "resources/views/admin/bundles/lists.blade.php"
        },
        {
            "root_directory"    : "/installment/settings/index.blade.php",
            "update_directory"  : "resources/views/admin/financial/installments/settings/index.blade.php"
        },
        {
            "root_directory"    : "/registration_bonus/index.blade.php",
            "update_directory"  : "resources/views/admin/registration_bonus/settings/index.blade.php"
        }

    ]
}

Found on 2024-06-30 08:13

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: expressercize.net
Port: 443
URL: https://expressercize.net

First seen 2024-05-28 13:05
Last seen 2024-06-30 08:13
Open for 32 days

Fingerprint: b18befd9dd6536ad3355122c0b42e37b0b42e37b2af9020c2af9020cff153852

{
    "name" : "plugin_bundle_license",

    "unique_identifier" : "rocket_lms_plugin_bundle",

    "version" : "1.7.2",

    "minimum_item_version" : "1.7.2",

    "product_version" : "1.7.2",

    "files"     :
    [
       
        {
            "root_directory"    : "/assignments/lists.blade.php",
            "update_directory"  : "resources/views/admin/webinars/assignments/lists.blade.php"
        },
        {
            "root_directory"    : "/bundles/lists.blade.php",
            "update_directory"  : "resources/views/admin/bundles/lists.blade.php"
        },
        {
            "root_directory"    : "/installment/settings/index.blade.php",
            "update_directory"  : "resources/views/admin/financial/installments/settings/index.blade.php"
        },
        {
            "root_directory"    : "/registration_bonus/index.blade.php",
            "update_directory"  : "resources/views/admin/registration_bonus/settings/index.blade.php"
        }

    ]
}

Found on 2024-06-30 08:13

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: www.expressercize.net
Port: 80
URL: http://www.expressercize.net

First seen 2024-05-28 13:05
Last seen 2024-06-30 08:13
Open for 32 days

Fingerprint: b18befd9dd6536ad3355122c0b42e37b0b42e37b2af9020c2af9020cff153852

{
    "name" : "plugin_bundle_license",

    "unique_identifier" : "rocket_lms_plugin_bundle",

    "version" : "1.7.2",

    "minimum_item_version" : "1.7.2",

    "product_version" : "1.7.2",

    "files"     :
    [
       
        {
            "root_directory"    : "/assignments/lists.blade.php",
            "update_directory"  : "resources/views/admin/webinars/assignments/lists.blade.php"
        },
        {
            "root_directory"    : "/bundles/lists.blade.php",
            "update_directory"  : "resources/views/admin/bundles/lists.blade.php"
        },
        {
            "root_directory"    : "/installment/settings/index.blade.php",
            "update_directory"  : "resources/views/admin/financial/installments/settings/index.blade.php"
        },
        {
            "root_directory"    : "/registration_bonus/index.blade.php",
            "update_directory"  : "resources/views/admin/registration_bonus/settings/index.blade.php"
        }

    ]
}

Found on 2024-06-30 08:13

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 50.87.253.227
Domain: www.aaacdl.net
Port: 443
URL: https://www.aaacdl.net

First seen 2021-10-19 13:38
Last seen 2024-06-30 07:39
Open for 984 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c93a25c3a93a25c3a4dabc3910d84dc33c4433467dabfa568

Found 46 files trough .DS_Store spidering:

/400.shtml
/401.shtml
/403.shtml
/404.shtml
/500.php
/500.shtml
/about.html
/about_s.html
/archivos
/audio
/cdl-training-houston-tx.html
/cdl-training-houston.html
/cgi-bin
/contact.html
/contact_s.html
/courses.html
/courses_s.html
/css
/default.html
/exams
/exams.html
/exams_s.html
/fancybox
/faq.html
/faq_s.html
/favicon.ico
/fonts
/images
/index.html
/index_s.html
/jobs
/karen
/mobile
/new-site
/soon.png
/store
/student-db-test
/students
/temp
/text
/training.html
/training_s.html
/truck-driving-school-houston.html
/truck-driving-schools-in-houston-tx.html
/truck-driving-schools-in-houston.html
/users

Found on 2024-06-30 07:39

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b722d334b8d05d31aeeacada31051c1ddb

Found 128 files trough .DS_Store spidering:

/404.shtml
/AAA-a-tel.swf
/AAA-anex.swf
/AAA-conta.swf
/AAA-d-cdla.swf
/AAA-d-cdlb.swf
/AAA-d-endor.swf
/AAA-d-perm.swf
/AAA-dps.swf
/AAA-e-1exam.swf
/AAA-intro.swf
/aaa-logo.jpg
/AAA-p-m1.swf
/AAA-p-m2.swf
/AAA-p-m3.swf
/AAA-p-m4.swf
/AAA-p-manejo.swf
/AAA-p-sim.swf
/AAA-pract.swf
/AAA-promo.swf
/AAA-q-ayuda.swf
/AAA-q-garan.swf
/AAA-q-horar.swf
/AAA-q-notas.swf
/AAA-q-objeti.swf
/AAA-quien.swf
/AAA-servi.swf
/AAA-t1-reci.swf
/AAA-t10-osor.swf
/AAA-t11-hern.swf
/AAA-t12-farm.swf
/AAA-t13-cres.swf
/AAA-t14-vera.swf
/AAA-t15-mari.swf
/AAA-t16-juli.swf
/AAA-t17-zuni.swf
/AAA-t18-berr.swf
/AAA-t19-duro.swf
/AAA-t2-rome.swf
/AAA-t20-agui.swf
/AAA-t21-ever.swf
/AAA-t22-saul.swf
/AAA-t3-will.swf
/AAA-t4-meji.swf
/AAA-t5-vazq.swf
/AAA-t5-vazq2.swf
/AAA-t6-muri.swf
/AAA-t8-cris.swf
/AAA-t9-giov.swf
/AAA-test1.swf
/AAA-test2.swf
/AAA-testim.swf
/AAA-tiend.swf
/cdlinhouston
/cdlinhouston/400.shtml
/cdlinhouston/401.shtml
/cdlinhouston/403.shtml
/cdlinhouston/404.shtml
/cdlinhouston/500.php
/cdlinhouston/500.shtml
/cdlinhouston/about.html
/cdlinhouston/about_s.html
/cdlinhouston/archivos
/cdlinhouston/audio
/cdlinhouston/cdl-training-houston-tx.html
/cdlinhouston/cdl-training-houston.html
/cdlinhouston/cgi-bin
/cdlinhouston/contact.html
/cdlinhouston/contact_s.html
/cdlinhouston/courses.html
/cdlinhouston/courses_s.html
/cdlinhouston/css
/cdlinhouston/default.html
/cdlinhouston/exams
/cdlinhouston/exams.html
/cdlinhouston/exams_s.html
/cdlinhouston/fancybox
/cdlinhouston/faq.html
/cdlinhouston/faq_s.html
/cdlinhouston/favicon.ico
/cdlinhouston/fonts
/cdlinhouston/images
/cdlinhouston/index.html
/cdlinhouston/index_s.html
/cdlinhouston/jobs
/cdlinhouston/karen
/cdlinhouston/mobile
/cdlinhouston/new-site
/cdlinhouston/soon.png
/cdlinhouston/store
/cdlinhouston/student-db-test
/cdlinhouston/students
/cdlinhouston/temp
/cdlinhouston/text
/cdlinhouston/training.html
/cdlinhouston/training_s.html
/cdlinhouston/truck-driving-school-houston.html
/cdlinhouston/truck-driving-schools-in-houston-tx.html
/cdlinhouston/truck-driving-schools-in-houston.html
/cdlinhouston/users
/cdlonlinetests
/cdltestonline
/cdltrainingonline
/cgi-bin
/cuadrito.jpg
/db
/favicon.ico
/flash_aaa2.html
/houstoncdlschool
/iManual-5.pdf
/index.html
/mikedillard
/mobile
/pdf.html
/php.ini
/php.ini.bak.1476777939
/php.ini.bak.1476777941
/php.ini.bak.1477382271
/php.ini.php-upgrade-backup
/port.jpg
/ssv3_directory.php
/student
/superiordomesticservice
/test2
/tradeschoolsinhouston
/tryagain
/ugh
/ugh2

Found on 2021-10-19 13:38

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 50.87.253.227
Domain: aaacdl.net
Port: 443
URL: https://aaacdl.net

First seen 2021-10-19 13:38
Last seen 2024-06-30 01:30
Open for 984 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c93a25c3a93a25c3a4dabc3910d84dc33c4433467dabfa568

Found 46 files trough .DS_Store spidering:

/400.shtml
/401.shtml
/403.shtml
/404.shtml
/500.php
/500.shtml
/about.html
/about_s.html
/archivos
/audio
/cdl-training-houston-tx.html
/cdl-training-houston.html
/cgi-bin
/contact.html
/contact_s.html
/courses.html
/courses_s.html
/css
/default.html
/exams
/exams.html
/exams_s.html
/fancybox
/faq.html
/faq_s.html
/favicon.ico
/fonts
/images
/index.html
/index_s.html
/jobs
/karen
/mobile
/new-site
/soon.png
/store
/student-db-test
/students
/temp
/text
/training.html
/training_s.html
/truck-driving-school-houston.html
/truck-driving-schools-in-houston-tx.html
/truck-driving-schools-in-houston.html
/users

Found on 2024-06-30 01:30

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b722d334b8d05d31aeeacada31051c1ddb

Found 128 files trough .DS_Store spidering:

/404.shtml
/AAA-a-tel.swf
/AAA-anex.swf
/AAA-conta.swf
/AAA-d-cdla.swf
/AAA-d-cdlb.swf
/AAA-d-endor.swf
/AAA-d-perm.swf
/AAA-dps.swf
/AAA-e-1exam.swf
/AAA-intro.swf
/aaa-logo.jpg
/AAA-p-m1.swf
/AAA-p-m2.swf
/AAA-p-m3.swf
/AAA-p-m4.swf
/AAA-p-manejo.swf
/AAA-p-sim.swf
/AAA-pract.swf
/AAA-promo.swf
/AAA-q-ayuda.swf
/AAA-q-garan.swf
/AAA-q-horar.swf
/AAA-q-notas.swf
/AAA-q-objeti.swf
/AAA-quien.swf
/AAA-servi.swf
/AAA-t1-reci.swf
/AAA-t10-osor.swf
/AAA-t11-hern.swf
/AAA-t12-farm.swf
/AAA-t13-cres.swf
/AAA-t14-vera.swf
/AAA-t15-mari.swf
/AAA-t16-juli.swf
/AAA-t17-zuni.swf
/AAA-t18-berr.swf
/AAA-t19-duro.swf
/AAA-t2-rome.swf
/AAA-t20-agui.swf
/AAA-t21-ever.swf
/AAA-t22-saul.swf
/AAA-t3-will.swf
/AAA-t4-meji.swf
/AAA-t5-vazq.swf
/AAA-t5-vazq2.swf
/AAA-t6-muri.swf
/AAA-t8-cris.swf
/AAA-t9-giov.swf
/AAA-test1.swf
/AAA-test2.swf
/AAA-testim.swf
/AAA-tiend.swf
/cdlinhouston
/cdlinhouston/400.shtml
/cdlinhouston/401.shtml
/cdlinhouston/403.shtml
/cdlinhouston/404.shtml
/cdlinhouston/500.php
/cdlinhouston/500.shtml
/cdlinhouston/about.html
/cdlinhouston/about_s.html
/cdlinhouston/archivos
/cdlinhouston/audio
/cdlinhouston/cdl-training-houston-tx.html
/cdlinhouston/cdl-training-houston.html
/cdlinhouston/cgi-bin
/cdlinhouston/contact.html
/cdlinhouston/contact_s.html
/cdlinhouston/courses.html
/cdlinhouston/courses_s.html
/cdlinhouston/css
/cdlinhouston/default.html
/cdlinhouston/exams
/cdlinhouston/exams.html
/cdlinhouston/exams_s.html
/cdlinhouston/fancybox
/cdlinhouston/faq.html
/cdlinhouston/faq_s.html
/cdlinhouston/favicon.ico
/cdlinhouston/fonts
/cdlinhouston/images
/cdlinhouston/index.html
/cdlinhouston/index_s.html
/cdlinhouston/jobs
/cdlinhouston/karen
/cdlinhouston/mobile
/cdlinhouston/new-site
/cdlinhouston/soon.png
/cdlinhouston/store
/cdlinhouston/student-db-test
/cdlinhouston/students
/cdlinhouston/temp
/cdlinhouston/text
/cdlinhouston/training.html
/cdlinhouston/training_s.html
/cdlinhouston/truck-driving-school-houston.html
/cdlinhouston/truck-driving-schools-in-houston-tx.html
/cdlinhouston/truck-driving-schools-in-houston.html
/cdlinhouston/users
/cdlonlinetests
/cdltestonline
/cdltrainingonline
/cgi-bin
/cuadrito.jpg
/db
/favicon.ico
/flash_aaa2.html
/houstoncdlschool
/iManual-5.pdf
/index.html
/mikedillard
/mobile
/pdf.html
/php.ini
/php.ini.bak.1476777939
/php.ini.bak.1476777941
/php.ini.bak.1477382271
/php.ini.php-upgrade-backup
/port.jpg
/ssv3_directory.php
/student
/superiordomesticservice
/test2
/tradeschoolsinhouston
/tryagain
/ugh
/ugh2

Found on 2021-10-19 13:38

Create report

Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 66.235.200.145
Domain: www.stormhaul.com
Port: 443
URL: https://www.stormhaul.com/_profiler/empty/search/results

First seen 2022-08-20 09:50
Last seen 2024-06-24 09:29
Open for 673 days
- Fingerprint: 407cf4363b0e62fafca67e07406f44de406f44de406f44de406f44de406f44de
```
Symfony profiler enabled:
https://www.stormhaul.com/_profiler/empty/search/results
```
  Found on 2024-06-24 09:29
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 66.235.200.145
Domain: stormhaul.com
Port: 443
URL: https://stormhaul.com/_profiler/empty/search/results

First seen 2022-08-20 09:50
Last seen 2024-06-24 09:29
Open for 673 days
- Fingerprint: 407cf4363b0e62fafca67e07ccf34c77ccf34c77ccf34c77ccf34c77ccf34c77
```
Symfony profiler enabled:
https://stormhaul.com/_profiler/empty/search/results
```
  Found on 2024-06-24 09:29
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: bethefocus.net
Port: 443
URL: https://bethefocus.net

First seen 2021-08-02 15:24
Last seen 2024-05-20 07:59
Open for 1021 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc14dd185679b3e392e6c4550ce03f0710
```
Found 4 files trough .DS_Store spidering:

/cgi-bin
/wp-admin
/wp-content
/wp-includes
```
  Found on 2024-05-20 07:59
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.northernmonkeydesignstudio.com
Port: 443
URL: https://www.northernmonkeydesignstudio.com

First seen 2021-09-21 23:57
Last seen 2024-05-19 15:27
Open for 970 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642a297612460b5dd1660b5dd1660b5dd16
```
Found 2 files trough .DS_Store spidering:

/northernmonkey
/northernmonkey/animated-website
```
  Found on 2024-05-19 15:27
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: northernmonkeydesignstudio.com
Port: 443
URL: https://northernmonkeydesignstudio.com

First seen 2021-09-21 23:57
Last seen 2024-05-19 15:27
Open for 970 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642a297612460b5dd1660b5dd1660b5dd16
```
Found 2 files trough .DS_Store spidering:

/northernmonkey
/northernmonkey/animated-website
```
  Found on 2024-05-19 15:27
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: sc-schools-demo.diw.vvo.mybluehost.me
Port: 443
URL: https://sc-schools-demo.diw.vvo.mybluehost.me

First seen 2024-01-29 07:18
Last seen 2024-04-30 23:01
Open for 92 days
- Fingerprint: b18befd9dd6536ad3355122c22f3c90a973b2f219bcfc42403439819983372e1
```
{
  "version": "7.2.1",
  "release_date": "27/09/2023",
  "required_manual_update": false,
  "min": "6.9.0",
  "migrations": [

  ],
  "url": "https://spondonit.com/contact",
  "notes": "This is a bug fixing update."
}
```
  Found on 2024-04-30 23:01
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: www.sc-schools-demo.diw.vvo.mybluehost.me
Port: 443
URL: https://www.sc-schools-demo.diw.vvo.mybluehost.me

First seen 2024-01-29 06:53
Last seen 2024-04-30 20:09
Open for 92 days
- Fingerprint: b18befd9dd6536ad3355122c22f3c90a973b2f219bcfc42403439819983372e1
```
{
  "version": "7.2.1",
  "release_date": "27/09/2023",
  "required_manual_update": false,
  "min": "6.9.0",
  "migrations": [

  ],
  "url": "https://spondonit.com/contact",
  "notes": "This is a bug fixing update."
}
```
  Found on 2024-04-30 20:09
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.milemexports.com
Port: 443
URL: https://www.milemexports.com/.vscode/sftp.json

First seen 2024-03-19 05:24
- Fingerprint: 13b3a7b17cfc7502c36c325d676291920cc9d730a31fe9dcbaed747e5533a573
```
{
    "name": "Milem Bluehost",
    "host": "ftp.mrq.nmy.mybluehost.me",
    "protocol": "ftp",
    "port": 21,
    "username": "developer@milemexports.com",
    "password":"F?JiQqo)mLBH",
    "remotePath": "/",
    "secureOptions": {
        "rejectUnauthorized": false
    },
    
    "uploadOnSave": true
}
```
  Found on 2024-03-19 05:24
  
  309 Bytes
Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: milemexports.com
Port: 443
URL: https://milemexports.com/.vscode/sftp.json

First seen 2023-08-26 10:19
Last seen 2024-03-19 05:13
Open for 205 days

Fingerprint: 13b3a7b17cfc7502c36c325d676291920cc9d730a31fe9dcbaed747e5533a573

{
    "name": "Milem Bluehost",
    "host": "ftp.mrq.nmy.mybluehost.me",
    "protocol": "ftp",
    "port": 21,
    "username": "developer@milemexports.com",
    "password":"F?JiQqo)mLBH",
    "remotePath": "/",
    "secureOptions": {
        "rejectUnauthorized": false
    },
    
    "uploadOnSave": true
}

Found on 2024-03-19 05:13

309 Bytes

Fingerprint: 13b3a7b17cfc7502c36c325d876001e6eff781cba9a4f7b7cc6544bb1cc8aa32

{
    "name": "Wintek Godaddy",
    "host": "ftp.simplepc.com.mx",
    "protocol": "ftp",
    "port": 21,
    "username": "dev@milemexports.com",
    "password":"karina02",
    "remotePath": "/public_html/milemexports.com",
    "secureOptions": {
        "rejectUnauthorized": false
    },
    
    "uploadOnSave": true
}

Found on 2024-01-07 11:53

321 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39da22333d1f574608a82d237f2e0e8272c898c44f2f

HTTP/1.1 200 OK
Date: Sat, 26 Aug 2023 10:19:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Mon, 12 Jun 2023 19:35:00 GMT
Accept-Ranges: bytes
Content-Length: 53466
Vary: Accept-Encoding
Content-Type: text/html

Page title: Milem Exports{
    "name": "Wintek Godaddy",
    "host": "ftp.simplepc.com.mx",
    "protocol": "ftp",
    "port": 21,
    "username": "dev@milemexports.com",
    "password":"karina02",
    "remotePath": "/public_html/milemexports.com",
    "secureOptions": {
        "rejectUnauthorized": false
    },
    
    "uploadOnSave": true
}

Found on 2023-08-26 10:19

321 Bytes

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.behind-pixels.com
Port: 443
URL: https://www.behind-pixels.com/.vscode/sftp.json

First seen 2023-07-03 23:29
Last seen 2024-01-07 12:29
Open for 187 days

Fingerprint: 13b3a7b17cfc7502c36c325d3315e3b6f33e70596f0a5cd1e7a60b81c9ee95dd

{
  "name": "Blue host",
  "host": "ftp.behind-pixels.com",
  "protocol": "ftp",
  "port": 21,
  "username": "user@behind-pixels.com",
  "password": "xuntix-6cybso-ryHsug",
  "remotePath": "/public_html",


  "openSsh": true,
  "uploadOnSave": true,
    "watcher": {
        "files": "**/*",
        "autoUpload": true,
        "autoDelete": true
    }
}

Found on 2024-01-07 12:29

354 Bytes

Fingerprint: 13b3a7b17cfc7502c36c325dc4d2caae464db3116d4b1f717ada9269de06047d

{
    "name": "Blue host",
    "host": "ftp.behind-pixels.com",
    "protocol": "ftp",
    "port": 21,
    "username": "user@behind-pixels.com",
    "password": "xuntix-6cybso-ryHsug",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}

Found on 2023-12-11 20:10

295 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39da2988cb7385c4c70af1e077ec740239524252055f

HTTP/1.1 200 OK
Date: Mon, 03 Jul 2023 23:29:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Sat, 13 May 2023 22:07:01 GMT
Cache-Control: max-age=7200
Expires: Tue, 04 Jul 2023 01:29:53 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7e12e9c22a500a55-AMS

Page title: Behind-pixels{
    "name": "Blue host",
    "host": "ftp.behind-pixels.com",
    "protocol": "ftp",
    "port": 21,
    "username": "user@behind-pixels.com",
    "password": "xuntix-6cybso-ryHsug",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}

Found on 2023-07-03 23:29

295 Bytes

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: behind-pixels.com
Port: 443
URL: https://behind-pixels.com/.vscode/sftp.json

First seen 2023-07-03 23:29
Last seen 2024-01-07 07:16
Open for 187 days

Fingerprint: 13b3a7b17cfc7502c36c325d3315e3b6f33e70596f0a5cd1e7a60b81c9ee95dd

{
  "name": "Blue host",
  "host": "ftp.behind-pixels.com",
  "protocol": "ftp",
  "port": 21,
  "username": "user@behind-pixels.com",
  "password": "xuntix-6cybso-ryHsug",
  "remotePath": "/public_html",


  "openSsh": true,
  "uploadOnSave": true,
    "watcher": {
        "files": "**/*",
        "autoUpload": true,
        "autoDelete": true
    }
}

Found on 2024-01-07 07:16

354 Bytes

Fingerprint: 13b3a7b17cfc7502c36c325dc4d2caae464db3116d4b1f717ada9269de06047d

{
    "name": "Blue host",
    "host": "ftp.behind-pixels.com",
    "protocol": "ftp",
    "port": 21,
    "username": "user@behind-pixels.com",
    "password": "xuntix-6cybso-ryHsug",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}

Found on 2023-12-12 00:43

295 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39da2988cb7385c4c70af1e077ec740239524252055f

HTTP/1.1 200 OK
Date: Mon, 03 Jul 2023 23:29:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Sat, 13 May 2023 22:07:01 GMT
Cache-Control: max-age=7200
Expires: Tue, 04 Jul 2023 01:29:52 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7e12e9bf6e8c39db-YYZ

Page title: Behind-pixels{
    "name": "Blue host",
    "host": "ftp.behind-pixels.com",
    "protocol": "ftp",
    "port": 21,
    "username": "user@behind-pixels.com",
    "password": "xuntix-6cybso-ryHsug",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}

Found on 2023-07-03 23:29

295 Bytes

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: www.avx.bwj.mybluehost.me
Port: 443
URL: https://www.avx.bwj.mybluehost.me

First seen 2022-11-12 15:10
Last seen 2023-10-27 10:17
Open for 348 days

Fingerprint: b18befd9dd6536aa30550de5e45c5ea25f5813bd73ccd418c8ceeb2d4082b856

{
    "Races": [
        {
            "State": "NSW",
            "RaceCourse": "Canterbury",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/CBY/races?jurisdiction=NSW",
            "TipsterPicks": [{
                "R1": 2,
                "R2": 3,
                "R3": 4,
                "R4": 5,
                "R5": 2,
                "R6": 3,
                "R7": 1,   
                "R8": 14, 
                "R9": 16, 
                "R10": 9 
            }]
        },
        {
            "State": "VIC",
            "RaceCourse": "Sale",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/SAL/races?jurisdiction=VIC",
            "TipsterPicks": [{
                "R1": 1,
                "R2": 11,
                "R3": 1,
                "R4": 12,
                "R5": 15,
                "R6": 2,
                "R7": 2,   
                "R8": 9,
                "R9": 6,
		"R10": 4
            }]
        }
    ],
    "CutOff": "2022-10-04 18:00:00"
}

Found on 2023-10-27 10:17

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: avx.bwj.mybluehost.me
Port: 443
URL: https://avx.bwj.mybluehost.me

First seen 2022-11-12 15:10
Last seen 2023-10-27 02:45
Open for 348 days

Fingerprint: b18befd9dd6536aa30550de5e45c5ea25f5813bd73ccd418c8ceeb2d4082b856

{
    "Races": [
        {
            "State": "NSW",
            "RaceCourse": "Canterbury",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/CBY/races?jurisdiction=NSW",
            "TipsterPicks": [{
                "R1": 2,
                "R2": 3,
                "R3": 4,
                "R4": 5,
                "R5": 2,
                "R6": 3,
                "R7": 1,   
                "R8": 14, 
                "R9": 16, 
                "R10": 9 
            }]
        },
        {
            "State": "VIC",
            "RaceCourse": "Sale",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/SAL/races?jurisdiction=VIC",
            "TipsterPicks": [{
                "R1": 1,
                "R2": 11,
                "R3": 1,
                "R4": 12,
                "R5": 15,
                "R6": 2,
                "R7": 2,   
                "R8": 9,
                "R9": 6,
		"R10": 4
            }]
        }
    ],
    "CutOff": "2022-10-04 18:00:00"
}

Found on 2023-10-27 02:45

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.oqo.lgx.mybluehost.me
Port: 443
URL: https://www.oqo.lgx.mybluehost.me/.vscode/sftp.json

First seen 2023-01-21 07:24
Last seen 2023-03-21 07:01
Open for 58 days
- Fingerprint: 13b3a7b17cfc7502c36c325d2c9bda3fe1c7dab582753cd5ea6954adb232d500
```
{
    "name": "My Server",
    "host": "ftp.oqo.lgx.mybluehost.me",
    "protocol": "ftp",
    "port": 21,
    "username": "simon@oqo.lgx.mybluehost.me",
    "password": "!Superall5root1234",
    "remotePath": "/",
    "uploadOnSave": true
}
```
  Found on 2023-01-21 07:24
  
  242 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: nightglasss.com
Port: 443
URL: https://nightglasss.com/.vscode/sftp.json

First seen 2023-01-23 20:20
Last seen 2023-02-22 11:15
Open for 29 days
- Fingerprint: 13b3a7b17cfc7502c36c325d4b86643e1218ea0e99f486c803bda69480e8fc56
```
{
    "name": "NightGlass",
    "host": "ftp.nightglasss.com",
    "password": "R9876r@9876Michael",
    "protocol": "ftp",
    "port": 21,
    "username": "nightgl3",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-23 20:20
  
  231 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: nightglasss.com
Port: 80
URL: http://nightglasss.com/.vscode/sftp.json

First seen 2023-01-23 20:20
Last seen 2023-02-22 11:15
Open for 29 days
- Fingerprint: 13b3a7b17cfc7502c36c325d4b86643e1218ea0e99f486c803bda69480e8fc56
```
{
    "name": "NightGlass",
    "host": "ftp.nightglasss.com",
    "password": "R9876r@9876Michael",
    "protocol": "ftp",
    "port": 21,
    "username": "nightgl3",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-23 20:20
  
  231 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: oqo.lgx.mybluehost.me
Port: 443
URL: https://oqo.lgx.mybluehost.me/.vscode/sftp.json

First seen 2023-01-21 04:36
Last seen 2023-02-21 03:11
Open for 30 days
- Fingerprint: 13b3a7b17cfc7502c36c325d2c9bda3fe1c7dab582753cd5ea6954adb232d500
```
{
    "name": "My Server",
    "host": "ftp.oqo.lgx.mybluehost.me",
    "protocol": "ftp",
    "port": 21,
    "username": "simon@oqo.lgx.mybluehost.me",
    "password": "!Superall5root1234",
    "remotePath": "/",
    "uploadOnSave": true
}
```
  Found on 2023-01-21 04:36
  
  242 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.nightglasss.com
Port: 80
URL: http://www.nightglasss.com/.vscode/sftp.json

First seen 2023-01-23 20:20
Last seen 2023-02-18 23:29
Open for 26 days
- Fingerprint: 13b3a7b17cfc7502c36c325d4b86643e1218ea0e99f486c803bda69480e8fc56
```
{
    "name": "NightGlass",
    "host": "ftp.nightglasss.com",
    "password": "R9876r@9876Michael",
    "protocol": "ftp",
    "port": 21,
    "username": "nightgl3",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-23 20:20
  
  231 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.nightglasss.com
Port: 443
URL: https://www.nightglasss.com/.vscode/sftp.json

First seen 2023-01-23 20:20
Last seen 2023-02-18 23:29
Open for 26 days
- Fingerprint: 13b3a7b17cfc7502c36c325d4b86643e1218ea0e99f486c803bda69480e8fc56
```
{
    "name": "NightGlass",
    "host": "ftp.nightglasss.com",
    "password": "R9876r@9876Michael",
    "protocol": "ftp",
    "port": 21,
    "username": "nightgl3",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-23 20:20
  
  231 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: www.auv.pyd.mybluehost.me
Port: 443
URL: https://www.auv.pyd.mybluehost.me/.vscode/sftp.json

First seen 2023-01-05 07:02
Last seen 2023-01-13 12:15
Open for 8 days
- Fingerprint: 13b3a7b17cfc7502c36c325d989d06624aded491abb794f117b7ae193b047a18
```
{
    "name": "Bluehost",
    "host": "ftp.auv.pyd.mybluehost.me",
    "protocol": "ftp",
    "password": "{658xMnD/)a[",
    "port": 21,
    "username": "auvpydmy",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-05 07:02
  
  228 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.145
Domain: auv.pyd.mybluehost.me
Port: 443
URL: https://auv.pyd.mybluehost.me/.vscode/sftp.json

First seen 2023-01-05 00:16
- Fingerprint: 13b3a7b17cfc7502c36c325d989d06624aded491abb794f117b7ae193b047a18
```
{
    "name": "Bluehost",
    "host": "ftp.auv.pyd.mybluehost.me",
    "protocol": "ftp",
    "password": "{658xMnD/)a[",
    "port": 21,
    "username": "auvpydmy",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-05 00:16
  
  228 Bytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: myadoptionforms.com
Port: 443
URL: https://myadoptionforms.com

First seen 2021-09-02 10:58
Last seen 2022-12-23 23:47
Open for 477 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfca469d9f440a4157da951065f7fbff2ba
```
Found 4 files trough .DS_Store spidering:

/files
/images
/includes
/ld
```
  Found on 2021-09-02 10:58
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 66.235.200.145
Domain: stormhaul.com
Port: 80
URL: http://stormhaul.com/_profiler/empty/search/results

First seen 2022-08-20 09:50
Last seen 2022-12-22 10:22
Open for 124 days
- Fingerprint: 407cf4363b0e62fafca67e07f9b7a35cf9b7a35cf9b7a35cf9b7a35cf9b7a35c
```
Symfony profiler enabled:
http://stormhaul.com/_profiler/empty/search/results
```
  Found on 2022-08-20 09:50
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 66.235.200.145
Domain: www.stormhaul.com
Port: 80
URL: http://www.stormhaul.com/_profiler/empty/search/results

First seen 2022-08-20 09:50
Last seen 2022-12-22 10:22
Open for 124 days
- Fingerprint: 407cf4363b0e62fafca67e0784b97a3d84b97a3d84b97a3d84b97a3d84b97a3d
```
Symfony profiler enabled:
http://www.stormhaul.com/_profiler/empty/search/results
```
  Found on 2022-08-20 09:50
Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: avx.bwj.mybluehost.me
Port: 80
URL: http://avx.bwj.mybluehost.me

First seen 2022-11-12 15:10

Fingerprint: b18befd9dd6536aa30550de5e45c5ea25f5813bd73ccd418c8ceeb2d4082b856

{
    "Races": [
        {
            "State": "NSW",
            "RaceCourse": "Canterbury",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/CBY/races?jurisdiction=NSW",
            "TipsterPicks": [{
                "R1": 2,
                "R2": 3,
                "R3": 4,
                "R4": 5,
                "R5": 2,
                "R6": 3,
                "R7": 1,   
                "R8": 14, 
                "R9": 16, 
                "R10": 9 
            }]
        },
        {
            "State": "VIC",
            "RaceCourse": "Sale",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/SAL/races?jurisdiction=VIC",
            "TipsterPicks": [{
                "R1": 1,
                "R2": 11,
                "R3": 1,
                "R4": 12,
                "R5": 15,
                "R6": 2,
                "R7": 2,   
                "R8": 9,
                "R9": 6,
		"R10": 4
            }]
        }
    ],
    "CutOff": "2022-10-04 18:00:00"
}

Found on 2022-11-12 15:10

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.145
Domain: www.avx.bwj.mybluehost.me
Port: 80
URL: http://www.avx.bwj.mybluehost.me

First seen 2022-11-12 15:10

Fingerprint: b18befd9dd6536aa30550de5e45c5ea25f5813bd73ccd418c8ceeb2d4082b856

{
    "Races": [
        {
            "State": "NSW",
            "RaceCourse": "Canterbury",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/CBY/races?jurisdiction=NSW",
            "TipsterPicks": [{
                "R1": 2,
                "R2": 3,
                "R3": 4,
                "R4": 5,
                "R5": 2,
                "R6": 3,
                "R7": 1,   
                "R8": 14, 
                "R9": 16, 
                "R10": 9 
            }]
        },
        {
            "State": "VIC",
            "RaceCourse": "Sale",
            "Link": "https://api.beta.tab.com.au/v1/tab-info-service/racing/dates/2022-10-05/meetings/R/SAL/races?jurisdiction=VIC",
            "TipsterPicks": [{
                "R1": 1,
                "R2": 11,
                "R3": 1,
                "R4": 12,
                "R5": 15,
                "R6": 2,
                "R7": 2,   
                "R8": 9,
                "R9": 6,
		"R10": 4
            }]
        }
    ],
    "CutOff": "2022-10-04 18:00:00"
}

Found on 2022-11-12 15:10

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.myadoptionforms.com
Port: 443
URL: https://www.myadoptionforms.com

First seen 2021-09-02 10:58
Last seen 2022-10-23 23:27
Open for 416 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfca469d9f440a4157da951065f7fbff2ba
```
Found 4 files trough .DS_Store spidering:

/files
/images
/includes
/ld
```
  Found on 2021-09-02 10:58
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.cmc-egypt.net
Port: 443
URL: https://www.cmc-egypt.net

First seen 2021-08-04 04:52
Last seen 2022-09-20 07:45
Open for 412 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2021-08-04 04:52
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: avetiumconsult.com
Port: 443
URL: https://avetiumconsult.com

First seen 2021-08-09 18:57
Last seen 2022-03-06 16:55
Open for 208 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c48b4adea48b4adea382ac47daf75451f9abd149f036ede46

Found 91 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/brands/logos-01.jpg
/src/img/brands/logos-01.png
/src/img/brands/logos-02.png
/src/img/brands/logos-03.png
/src/img/brands/logos-04.png
/src/img/brands/logos-05.png
/src/img/brands/logos-06.png
/src/img/brands/logos-07.png
/src/img/brands/logos-08.png
/src/img/brands/logos-09.png
/src/img/brands/logos-10.png
/src/img/brands/logos-11.png
/src/img/brands/logos-12.png
/src/img/brands/logos-13.png
/src/img/brands/logos-14.png
/src/img/cedar.png
/src/img/cert.jpeg
/src/img/concept
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/iso27.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/payrol.png
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-11-28 02:33

Severity: low
Fingerprint: 5f32cf5d6962f09c668fcbec668fcbec07d245e390367141b6f93df559707cce

Found 17 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/fonts
/src/img
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-11-20 05:22

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7093c45e2a0b4d36a6e8dda4c70ce4a07

Found 128 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/brands/logos-01.jpg
/src/img/brands/logos-01.png
/src/img/brands/logos-02.png
/src/img/brands/logos-03.png
/src/img/brands/logos-04.png
/src/img/brands/logos-05.png
/src/img/brands/logos-06.png
/src/img/brands/logos-07.png
/src/img/brands/logos-08.png
/src/img/brands/logos-09.png
/src/img/brands/logos-10.png
/src/img/brands/logos-11.png
/src/img/brands/logos-12.png
/src/img/brands/logos-13.png
/src/img/brands/logos-14.png
/src/img/cedar.png
/src/img/cert.jpeg
/src/img/concept
/src/img/concept/comments.svg
/src/img/concept/main-menu.gif
/src/img/concept/main.gif
/src/img/concept/new-03.png
/src/img/concept/new-stress-free-1600p.png
/src/img/concept/new-stress-free-800p.png
/src/img/concept/new.gif
/src/img/concept/stress-free-800.png
/src/img/concept/stress-free.png
/src/img/concept/team 933p-02.png
/src/img/concept/team-01.png
/src/img/concept/team-1400p.png
/src/img/concept/team-1500p.png
/src/img/concept/team-933p-02.png
/src/img/concept/team-933p.png
/src/img/concept/what we do-02.png
/src/img/concept/what-we-do-900.png
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/icons/agenda.svg
/src/img/icons/analytics.svg
/src/img/icons/award-2.svg
/src/img/icons/award.svg
/src/img/icons/bar-chart.svg
/src/img/icons/bell.svg
/src/img/icons/briefcase-2.svg
/src/img/icons/briefcase.svg
/src/img/icons/browser-2.svg
/src/img/icons/browser.svg
/src/img/icons/brush.svg
/src/img/icons/bucket.svg
/src/img/icons/cake.svg
/src/img/icons/calculator.svg
/src/img/icons/calendar.svg
/src/img/icons/certificate.svg
/src/img/icons/chat-2.svg
/src/img/icons/chat.svg
/src/img/icons/check-list.svg
/src/img/icons/check.svg
/src/img/icons/clipboard.svg
/src/img/icons/clock-2.svg
/src/img/icons/clock-3.svg
/src/img/icons/clock.svg
/src/img/icons/cloud-computing-2.svg
/src/img/icons/cloud-computing-3.svg
/src/img/icons/cloud-computing.svg
/src/img/icons/compass.svg
/src/img/icons/computer.svg
/src/img/icons/controller-2.svg
/src/img/icons/controller.svg
/src/img/icons/crayons.svg
/src/img/icons/crop.svg
/src/img/icons/design.svg
/src/img/icons/earth.svg
/src/img/icons/email-2.svg
/src/img/icons/email.svg
/src/img/icons/fullscreen.svg
/src/img/icons/geolocalization.svg
/src/img/icons/gift.svg
/src/img/icons/handshake.svg
/src/img/icons/headphone-2.svg
/src/img/icons/headphone.svg
/src/img/icons/home.svg
/src/img/icons/house.svg
/src/img/icons/id-card.svg
/src/img/icons/light-bulb.svg

Found on 2021-11-10 10:27

Severity: medium
Fingerprint: 5f32cf5d6962f09ca728a86fa728a86f6495ec0afc271122dbed2a840d304007

Found 76 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/cedar.png
/src/img/cert.jpeg
/src/img/concept
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/iso27.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/payrol.png
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-11-08 03:10

Severity: medium
Fingerprint: 5f32cf5d6962f09c20f30ab920f30ab93d14eef8c2db1c54bc3510daa9c1f6df

Found 67 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/cedar.png
/src/img/cert.jpeg
/src/img/concept
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/iso27.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/payrol.png
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-10-28 18:41

Severity: low
Fingerprint: 5f32cf5d6962f09c3838040e3838040e0a41bb596e3ff0abb0db469b5d864499

Found 20 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-10-28 18:41

Severity: medium
Fingerprint: 5f32cf5d6962f09c449f2b2d449f2b2de6748994a2a671f0dbe4cfa68cfa972a

Found 108 files trough .DS_Store spidering:

/about.html
/certification.html
/contact.html
/index.html
/payroll.html
/privacy.html
/products.html
/publication.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/brands/logos-01.jpg
/src/img/brands/logos-01.png
/src/img/brands/logos-02.png
/src/img/brands/logos-03.png
/src/img/brands/logos-04.png
/src/img/brands/logos-05.png
/src/img/brands/logos-06.png
/src/img/brands/logos-07.png
/src/img/brands/logos-08.png
/src/img/brands/logos-09.png
/src/img/brands/logos-10.png
/src/img/brands/logos-11.png
/src/img/brands/logos-12.png
/src/img/brands/logos-13.png
/src/img/brands/logos-14.png
/src/img/cedar.png
/src/img/cert.jpeg
/src/img/concept
/src/img/concept/comments.svg
/src/img/concept/main-menu.gif
/src/img/concept/main.gif
/src/img/concept/new-03.png
/src/img/concept/new-stress-free-1600p.png
/src/img/concept/new-stress-free-800p.png
/src/img/concept/new.gif
/src/img/concept/stress-free-800.png
/src/img/concept/stress-free.png
/src/img/concept/team 933p-02.png
/src/img/concept/team-01.png
/src/img/concept/team-1400p.png
/src/img/concept/team-1500p.png
/src/img/concept/team-933p-02.png
/src/img/concept/team-933p.png
/src/img/concept/what we do-02.png
/src/img/concept/what-we-do-900.png
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/iso27.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/payrol.png
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/terms.html
/testimonials.html

Found on 2021-10-26 06:49

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c228969cd96717ced8e72abc878bf23a8404

Found 101 files trough .DS_Store spidering:

/about.html
/contact.html
/index.html
/privacy.html
/products.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/brands/logos-01.jpg
/src/img/brands/logos-01.png
/src/img/brands/logos-02.png
/src/img/brands/logos-03.png
/src/img/brands/logos-04.png
/src/img/brands/logos-05.png
/src/img/brands/logos-06.png
/src/img/brands/logos-07.png
/src/img/brands/logos-08.png
/src/img/brands/logos-09.png
/src/img/brands/logos-10.png
/src/img/brands/logos-11.png
/src/img/brands/logos-12.png
/src/img/brands/logos-13.png
/src/img/brands/logos-14.png
/src/img/cedar.png
/src/img/concept
/src/img/concept/comments.svg
/src/img/concept/main-menu.gif
/src/img/concept/main.gif
/src/img/concept/new-03.png
/src/img/concept/new-stress-free-1600p.png
/src/img/concept/new-stress-free-800p.png
/src/img/concept/new.gif
/src/img/concept/stress-free-800.png
/src/img/concept/stress-free.png
/src/img/concept/team 933p-02.png
/src/img/concept/team-01.png
/src/img/concept/team-1400p.png
/src/img/concept/team-1500p.png
/src/img/concept/team-933p-02.png
/src/img/concept/team-933p.png
/src/img/concept/what we do-02.png
/src/img/concept/what-we-do-900.png
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/testimonials.html

Found on 2021-10-14 18:37

Severity: medium
Fingerprint: 5f32cf5d6962f09c6cdae1676cdae167f714029298a1d87481c6ed1afa7a38f8

Found 69 files trough .DS_Store spidering:

/about.html
/contact.html
/index.html
/privacy.html
/products.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/cedar.png
/src/img/concept
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/testimonials.html

Found on 2021-09-04 12:13

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7093c45e2fec59e44f24627caf18ede7f

Found 128 files trough .DS_Store spidering:

/about.html
/contact.html
/index.html
/privacy.html
/products.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/avatars/ADEYINKA-ADEDOKUN-300.png
/src/img/avatars/ADEYINKA-ADEDOKUN-600.png
/src/img/avatars/ADEYINKA-ADEDOKUN-900.png
/src/img/avatars/kola.jpeg
/src/img/avatars/oche.jpeg
/src/img/avatars/segun--900.png
/src/img/avatars/segun-300.png
/src/img/avatars/segun-600.png
/src/img/avatars/segun.jpeg
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/brands/logos-01.jpg
/src/img/brands/logos-01.png
/src/img/brands/logos-02.png
/src/img/brands/logos-03.png
/src/img/brands/logos-04.png
/src/img/brands/logos-05.png
/src/img/brands/logos-06.png
/src/img/brands/logos-07.png
/src/img/brands/logos-08.png
/src/img/brands/logos-09.png
/src/img/brands/logos-10.png
/src/img/brands/logos-11.png
/src/img/brands/logos-12.png
/src/img/brands/logos-13.png
/src/img/brands/logos-14.png
/src/img/cedar.png
/src/img/concept
/src/img/concept/comments.svg
/src/img/concept/main-menu.gif
/src/img/concept/main.gif
/src/img/concept/new-03.png
/src/img/concept/new-stress-free-1600p.png
/src/img/concept/new-stress-free-800p.png
/src/img/concept/new.gif
/src/img/concept/stress-free-800.png
/src/img/concept/stress-free.png
/src/img/concept/team 933p-02.png
/src/img/concept/team-01.png
/src/img/concept/team-1400p.png
/src/img/concept/team-1500p.png
/src/img/concept/team-933p-02.png
/src/img/concept/team-933p.png
/src/img/concept/what we do-02.png
/src/img/concept/what-we-do-900.png
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/icons/agenda.svg
/src/img/icons/analytics.svg
/src/img/icons/award-2.svg
/src/img/icons/award.svg
/src/img/icons/bar-chart.svg
/src/img/icons/bell.svg
/src/img/icons/briefcase-2.svg
/src/img/icons/briefcase.svg
/src/img/icons/browser-2.svg
/src/img/icons/browser.svg
/src/img/icons/brush.svg
/src/img/icons/bucket.svg
/src/img/icons/cake.svg
/src/img/icons/calculator.svg
/src/img/icons/calendar.svg
/src/img/icons/certificate.svg
/src/img/icons/chat-2.svg
/src/img/icons/chat.svg
/src/img/icons/check-list.svg
/src/img/icons/check.svg
/src/img/icons/clipboard.svg
/src/img/icons/clock-2.svg
/src/img/icons/clock-3.svg
/src/img/icons/clock.svg
/src/img/icons/cloud-computing-2.svg
/src/img/icons/cloud-computing-3.svg
/src/img/icons/cloud-computing.svg
/src/img/icons/compass.svg
/src/img/icons/computer.svg
/src/img/icons/controller-2.svg
/src/img/icons/controller.svg
/src/img/icons/crayons.svg
/src/img/icons/crop.svg
/src/img/icons/design.svg
/src/img/icons/earth.svg
/src/img/icons/email-2.svg
/src/img/icons/email.svg
/src/img/icons/fullscreen.svg
/src/img/icons/geolocalization.svg
/src/img/icons/gift.svg
/src/img/icons/handshake.svg
/src/img/icons/headphone-2.svg
/src/img/icons/headphone.svg
/src/img/icons/home.svg
/src/img/icons/house.svg
/src/img/icons/id-card.svg
/src/img/icons/light-bulb.svg
/src/img/icons/link.svg
/src/img/icons/list.svg
/src/img/icons/loading.svg
/src/img/icons/lock.svg

Found on 2021-08-19 20:26

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92a4d1ca75a186df09fb841ed54e3d1563

Found 60 files trough .DS_Store spidering:

/about.html
/contact.html
/index.html
/privacy.html
/products.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/img/1606476450374.jpeg
/src/img/avatars
/src/img/aventiumproduct.png
/src/img/avetium-500p.gif
/src/img/avetium-new-300p.PNG
/src/img/avetium-new-400p.PNG
/src/img/avetium-new-500p.PNG
/src/img/avetium-text-white-134p.PNG
/src/img/avetium-text-white-268p.PNG
/src/img/avetium1080p.gif
/src/img/avetiumtext.png
/src/img/blob.svg
/src/img/BPO-900p.png
/src/img/brands
/src/img/cedar.png
/src/img/concept
/src/img/data management-02.png
/src/img/dell.png
/src/img/eti.png
/src/img/fav.ico
/src/img/hodusoft-min.jpeg
/src/img/hp.png
/src/img/icons
/src/img/image9.png
/src/img/instaview.png
/src/img/learning and developing.png
/src/img/mac.png
/src/img/Microsoft_.png
/src/img/migo.png
/src/img/mtn.png
/src/img/new-stuff.png
/src/img/new.png
/src/img/oracle.png
/src/img/outsourcing-bpo.png
/src/img/Pat.jpeg
/src/img/products.png
/src/img/TAJ-BANK.png
/src/img/technology and consulting.png
/src/img/testimonials-2.png
/src/img/transparent.png
/src/img/ulessons-logo-768x601.png
/src/img/white-logo-370p.GIF
/src/img/zendesk.png
/src/img/zimyo.png
/src/js
/team.html
/testimonials.html

Found on 2021-08-18 01:06

Severity: low
Fingerprint: 5f32cf5d6962f09c47dfe71947dfe71960e9e2582a3a1bee62002bfcc0fc2f26

Found 16 files trough .DS_Store spidering:

/about.html
/contact.html
/index.html
/privacy.html
/products.html
/services.html
/src
/src/css
/src/css/font
/src/css/plugins.css
/src/css/theme
/src/fonts
/src/img
/src/js
/team.html
/testimonials.html

Found on 2021-08-09 18:57

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: lifeofbrit.com
Port: 443
URL: https://lifeofbrit.com

First seen 2021-10-15 21:45
Last seen 2022-02-17 04:59
Open for 124 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2021-10-15 21:45
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.lifeofbrit.com
Port: 443
URL: https://www.lifeofbrit.com

First seen 2021-10-15 21:45
Last seen 2022-02-17 04:59
Open for 124 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2021-10-15 21:45
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: cmc-egypt.net
Port: 443
URL: https://cmc-egypt.net

First seen 2021-08-04 04:52
Last seen 2021-11-14 10:20
Open for 102 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2021-08-04 04:52
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.analuisapatino.com
Port: 443
URL: https://www.analuisapatino.com

First seen 2021-08-13 21:08
Last seen 2021-10-30 11:25
Open for 77 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c81c345f781c345f788b2bfaafef9355c1f2403fb2aa5f312
```
Found 32 files trough .DS_Store spidering:

/.well-known
/backup-1459547650-wp-admin
/expatips
/files
/happyfoodbrand
/home
/huatees
/iclatino
/inconfundiblemente
/inconfundiblementelatino
/license.txt
/loader.php
/readme.html
/thevirtualmall
/tintabeat
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2021-08-13 21:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: analuisapatino.com
Port: 443
URL: https://analuisapatino.com

First seen 2021-08-13 21:07
Last seen 2021-10-30 11:25
Open for 77 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c81c345f781c345f788b2bfaafef9355c1f2403fb2aa5f312
```
Found 32 files trough .DS_Store spidering:

/.well-known
/backup-1459547650-wp-admin
/expatips
/files
/happyfoodbrand
/home
/huatees
/iclatino
/inconfundiblemente
/inconfundiblementelatino
/license.txt
/loader.php
/readme.html
/thevirtualmall
/tintabeat
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2021-08-13 21:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: www.cultivatedself.com
Port: 443
URL: https://www.cultivatedself.com

First seen 2021-09-02 20:56
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814efa81f4fc96252ec0e6cfc31c4e3eb629
```
Found 6 files trough .DS_Store spidering:

/cgi-bin
/wp-admin
/wp-admin/css
/wp-admin/images
/wp-content
/wp-includes
```
  Found on 2021-09-02 20:56
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.145
Domain: cultivatedself.com
Port: 443
URL: https://cultivatedself.com

First seen 2021-09-02 20:56
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814efa81f4fc96252ec0e6cfc31c4e3eb629
```
Found 6 files trough .DS_Store spidering:

/cgi-bin
/wp-admin
/wp-admin/css
/wp-admin/images
/wp-content
/wp-includes
```
  Found on 2021-09-02 20:56
Create report
Leak detected by NucleiPlugin

No description available

IP: 66.235.200.145
Domain: www.alisharousselle.com
Port: 443
URL: https://www.alisharousselle.com

First seen 2021-08-07 23:55
Last seen 2021-08-11 19:24
Open for 3 days
- Fingerprint: 33fc8a384ee3c2e7ac18478eac18478e36179c0182da09baf988b4bdf988b4bd
```
Nuclei scan report for tags joomla, php:

joomla-file-listing : Joomla database files listing by iampritam
-------------
Searches for the pattern /libraries/joomla/database/ on passed URLs.
```
  Found on 2021-08-07 23:55
Create report
Leak detected by NucleiPlugin

No description available

IP: 66.235.200.145
Domain: alisharousselle.com
Port: 443
URL: https://alisharousselle.com

First seen 2021-08-07 23:55
Last seen 2021-08-11 19:24
Open for 3 days
- Fingerprint: 33fc8a384ee3c2e7ac18478eac18478e36179c0182da09baf988b4bdf988b4bd
```
Nuclei scan report for tags joomla, php:

joomla-file-listing : Joomla database files listing by iampritam
-------------
Searches for the pattern /libraries/joomla/database/ on passed URLs.
```
  Found on 2021-08-07 23:55
Create report

Open service 66.235.200.145:8443 · textureofeternity.com

2024-07-01 22:10

HTTP/1.1 521 
Date: Mon, 01 Jul 2024 22:10:32 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: _cfuvid=Lw6bRrHKChfOrhYUeForj_aNugTq4VblD2XAHLI_8VU-1719871832553-0.0.1.1-604800000; path=/; domain=.textureofeternity.com; HttpOnly
Server: cloudflare
CF-RAY: 89c9ba087ae1ab1e-YYZ


error code: 521

Found about a minute ago by HttpPlugin

Host 66.235.200.145

United States

Software information

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

A JSON configuration file has been found

A JSON configuration file has been found

A JSON configuration file has been found

A JSON configuration file has been found

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Symfony developement panel enabled

Symfony developement panel enabled

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

A JSON configuration file has been found

A JSON configuration file has been found

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

A JSON configuration file has been found

A JSON configuration file has been found

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

VSCode SFTP configuration exposed

MacOS file listing through .DS_Store file

Symfony developement panel enabled

Symfony developement panel enabled

A JSON configuration file has been found

A JSON configuration file has been found

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin