LeakIX - Host 66.235.200.146

Host 66.235.200.146

United States

UNIFIEDLAYER-AS-1

Software information

cloudflare

tcp/443 tcp/80 tcp/8443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.flytekaviation.com
Port: 443
URL: https://www.flytekaviation.com

First seen 2024-08-30 16:17
Last seen 2024-11-08 22:00
Open for 70 days

Severity: high
Fingerprint: 5f32cf5d6962f09c3e8b9cac3e8b9cac2e8d28c8056aacb8e127f7409edc733e

Found 48 files trough .DS_Store spidering:

/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/index.php
/license.txt
/local-xdebuginfo.php
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-content/advanced-cache.php
/wp-content/ai1wm-backups
/wp-content/index.php
/wp-content/languages
/wp-content/mu-plugins
/wp-content/plugins
/wp-content/plugins/kadence-blocks
/wp-content/plugins/kadence-starter-templates
/wp-content/plugins/kadence-woo-extras
/wp-content/plugins/paid-memberships-pro
/wp-content/plugins/pixelyoursite
/wp-content/plugins/sitepress-multilingual-cms
/wp-content/plugins/tutor-pro
/wp-content/plugins/woocommerce
/wp-content/plugins/wordpress-seo
/wp-content/temp-write-test-6668150b84edc8-16950319
/wp-content/temp-write-test-6668150d965463-62450219
/wp-content/temp-write-test-6668150db00e11-04159606
/wp-content/temp-write-test-6668150dd9a601-48312896
/wp-content/themes
/wp-content/upgrade
/wp-content/upgrade-temp-backup
/wp-content/uploads
/wp-content/wpmdb-tmp-52bef1ee161a6c945b8d573687511ada
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php

Found on 2024-11-08 22:00

Severity: high
Fingerprint: 5f32cf5d6962f09cb3107650b3107650ff0425b4236aed24777f26f40d6fe775

Found 39 files trough .DS_Store spidering:

/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/index.php
/license.txt
/local-xdebuginfo.php
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-content/advanced-cache.php
/wp-content/ai1wm-backups
/wp-content/index.php
/wp-content/languages
/wp-content/mu-plugins
/wp-content/plugins
/wp-content/temp-write-test-6668150b84edc8-16950319
/wp-content/temp-write-test-6668150d965463-62450219
/wp-content/temp-write-test-6668150db00e11-04159606
/wp-content/temp-write-test-6668150dd9a601-48312896
/wp-content/themes
/wp-content/upgrade
/wp-content/upgrade-temp-backup
/wp-content/uploads
/wp-content/wpmdb-tmp-52bef1ee161a6c945b8d573687511ada
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php

Found on 2024-11-05 01:09

Severity: high
Fingerprint: 5f32cf5d6962f09cddacc81addacc81a52123022e40d1ffa0efc9aee149cca07

Found 68 files trough .DS_Store spidering:

/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/index.php
/license.txt
/local-xdebuginfo.php
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-content/advanced-cache.php
/wp-content/ai1wm-backups
/wp-content/index.php
/wp-content/languages
/wp-content/mu-plugins
/wp-content/plugins
/wp-content/temp-write-test-6668150b84edc8-16950319
/wp-content/temp-write-test-6668150d965463-62450219
/wp-content/temp-write-test-6668150db00e11-04159606
/wp-content/temp-write-test-6668150dd9a601-48312896
/wp-content/themes
/wp-content/upgrade
/wp-content/upgrade-temp-backup
/wp-content/uploads
/wp-content/uploads/2022
/wp-content/uploads/2022/05
/wp-content/uploads/2022/06
/wp-content/uploads/2022/07
/wp-content/uploads/2022/08
/wp-content/uploads/2022/09
/wp-content/uploads/2022/12
/wp-content/uploads/2023
/wp-content/uploads/2024
/wp-content/uploads/ac_assets
/wp-content/uploads/ai-builder
/wp-content/uploads/ast-block-templates-json
/wp-content/uploads/astra-sites
/wp-content/uploads/elementor
/wp-content/uploads/fbrfg
/wp-content/uploads/mailpoet
/wp-content/uploads/rank-math
/wp-content/uploads/unlimited_elements_cache
/wp-content/uploads/wc-logs
/wp-content/uploads/woocommerce-placeholder-100x100.png
/wp-content/uploads/woocommerce-placeholder-1024x1024.png
/wp-content/uploads/woocommerce-placeholder-150x150.png
/wp-content/uploads/woocommerce-placeholder-300x300.png
/wp-content/uploads/woocommerce-placeholder-600x600.png
/wp-content/uploads/woocommerce-placeholder-768x768.png
/wp-content/uploads/woocommerce-placeholder.png
/wp-content/uploads/woocommerce_uploads
/wp-content/uploads/wp-migrate-db
/wp-content/uploads/wpcode
/wp-content/wpmdb-tmp-52bef1ee161a6c945b8d573687511ada
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php

Found on 2024-09-14 11:03

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: robertreyesjr.com
Port: 443
URL: https://robertreyesjr.com

First seen 2021-09-16 06:31
Last seen 2024-11-08 14:58
Open for 1149 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd4b2e02b0b9199b13a9ccd230330a715
```
Found 22 files trough .DS_Store spidering:

/index.php
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2024-11-08 14:58
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.robertreyesjr.com
Port: 443
URL: https://www.robertreyesjr.com

First seen 2021-09-16 06:31
Last seen 2024-11-08 13:06
Open for 1149 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd4b2e02b0b9199b13a9ccd230330a715
```
Found 22 files trough .DS_Store spidering:

/index.php
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2024-11-08 13:06
Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.novarradigital.com
Port: 443
URL: https://www.novarradigital.com/.vscode/sftp.json

First seen 2023-01-19 06:14
Last seen 2024-10-28 04:20
Open for 647 days

Fingerprint: 13b3a7b17cfc7502c36c325dcd8867f9ea0e779e2653d6b3d3d226828ea4b56f

{
    "name": "conserveitja",
    "host": "sftp.wp.com",
    "protocol": "sftp",
    "port": 22,
    "username": "conserveitja.wordpress.com",
    "password": "Paconino187",
    "remotePath": "/",
    "uploadOnSave": true
}

Found on 2024-10-28 04:20

223 Bytes

Fingerprint: 13b3a7b18ffc92a5781c11127d0c47cd236940d47f7751364c59f9e67764566d

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jul 2023 04:34:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Set-Cookie: wp_travel_session=e7f21a04c2786d11e1f8dd84d6b922cf%7C%7C1690175066%7C%7C1690174706; expires=Mon, 24-Jul-2023 05:04:26 GMT; Max-Age=1800; path=/; domain=.novarradigital.com
Location: https://novarradigital.com/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7eb9735d38f9c35b-EWR


0

{
    "name": "conserveitja",
    "host": "sftp.wp.com",
    "protocol": "sftp",
    "port": 22,
    "username": "conserveitja.wordpress.com",
    "password": "Paconino187",
    "remotePath": "/",
    "uploadOnSave": true
}

Found on 2023-07-24 04:34

223 Bytes

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: novarradigital.com
Port: 443
URL: https://novarradigital.com/.vscode/sftp.json

First seen 2023-01-19 06:14
Last seen 2024-10-28 04:20
Open for 647 days

Fingerprint: 13b3a7b17cfc7502c36c325dcd8867f9ea0e779e2653d6b3d3d226828ea4b56f

{
    "name": "conserveitja",
    "host": "sftp.wp.com",
    "protocol": "sftp",
    "port": 22,
    "username": "conserveitja.wordpress.com",
    "password": "Paconino187",
    "remotePath": "/",
    "uploadOnSave": true
}

Found on 2024-10-28 04:20

223 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39dabd20c5758f3053bc082a025e203d811ef3b15b1e

HTTP/1.1 200 OK
Date: Mon, 24 Jul 2023 04:34:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: wp_travel_session=2a882c20658abc1c54bd0702d1487372%7C%7C1690175066%7C%7C1690174706; expires=Mon, 24-Jul-2023 05:04:26 GMT; Max-Age=1800; path=/; domain=.novarradigital.com
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Last-Modified: Mon, 24 Jul 2023 04:34:27 GMT
Server: cloudflare
CF-RAY: 7eb9735c2a8143e2-EWR

Page title: Novarra Digital — Coming Soon

8a4
<!DOCTYPE html>
<html lang="en-US">
	<head>
		<meta name="viewport" content="width=device-width">
		<meta name="robots" content="noindex, nofollow" />
		<title>Novarra Digital &mdash; Coming Soon</title>
		<script src="https://novarradigital.com/wp-includes/js/jquery/jquery.js"></script>
		<style type="text/css">* {
    box-sizing: border-box;
    -moz-box-sizing: border-box;
    -webkit-box-sizing: border-box;
}

body {
    background-color: white;
    color: black;
    overflow-x: hidden;
    margin: 0;
}

#wrap {
    align-items: center;
    display: flex;
    justify-content: center;
    min-height: 100vh;
}

.content {
    flex: 1;
    margin: auto 5%;
    padding: 0;
    text-align: center;
    max-width: 420px;
}

footer {
    width: 100%;
    position: fixed;
    bottom: 0;
    left: 0;
}

footer p {
    text-align: center;
}

.btn {
    background: black;
    background-image: none;
    border: 1px solid black;
    box-shadow: none;
    color: white;
    cursor: pointer;
    display: inline-block;
    font-size: 14px;
    font-weight: 400;
    line-height: 1.5;
    margin-top: 10px;
    padding: 6px 30px;
    text-align: center;
    text-decoration: none;
    touch-action: manipulation;
    transition: all 0.2s ease;
    user-select: none;
    vertical-align: middle;
    white-space: nowrap;
}

.status-message {
    display: none;
}</style>
					<link rel="stylesheet" href="https://novarradigital.com/wp-content/plugins/bluehost-wordpress-plugin/assets/styles/coming-soon.css?v=3.0.6" />
			</head>
	<body>
		<div id="wrap">
			<main class="content">
								<div class="subscription_widget">
					<h1>Coming Soon!</h1>
					<h2>A New WordPress Site</h2>
														</div>
							</main>
		</div>
		<footer>
			<p class="text-center">
				A <a href="https://bluehost.com?utm_source=coming-soon-template&#038;utm_medium=bluehost_plugin" target="_blank" rel="noopener noreferrer nofollow">Bluehost</a> powered website. Is this your website? Log in to <a href="https://novarradigital.com/wp-login.php">WordPress</a> or <a href="https://my.bluehost.com/web-hosting/cplogin" target="_blank" rel="noopener noreferrer nofollow">Bluehost</a>.&nbsp;			</p>
		</footer>
	</body>
</html>

0

{
    "name": "conserveitja",
    "host": "sftp.wp.com",
    "protocol": "sftp",
    "port": 22,
    "username": "conserveitja.wordpress.com",
    "password": "Paconino187",
    "remotePath": "/",
    "uploadOnSave": true
}

Found on 2023-07-24 04:34

223 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: tbito100.co
Port: 443
URL: https://tbito100.co

First seen 2021-09-20 10:59
Last seen 2024-10-21 07:20
Open for 1126 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-10-21 07:20
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.tbito100.co
Port: 443
URL: https://www.tbito100.co

First seen 2021-09-20 10:59
Last seen 2024-10-21 07:20
Open for 1126 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-10-21 07:20
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 66.235.200.146
Domain: citygarms.com
Port: 443
URL: https://citygarms.com

First seen 2024-09-26 01:27
Last seen 2024-09-30 01:26
Open for 3 days
- Severity: critical
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522eb9d8dce
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://sumanmali1167:glpat-Pmm22YQxybaTLnHbnDov@gitlab.com/templates8970732/coming_soon.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "citygarms"]
	remote = origin
	merge = refs/heads/citygarms
```
  Found on 2024-09-30 01:26
  
  381 Bytes
Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.bwfarming.com
Port: 443
URL: https://www.bwfarming.com/.vscode/sftp.json

First seen 2023-01-05 07:27
Last seen 2024-09-28 05:55
Open for 631 days

Fingerprint: 13b3a7b17cfc7502c36c325dc17f2b7d6f54d89c1c46aabee59de3afdfe7681a

{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2024-09-28 05:55

184 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39dabd20c5758f3053bc082a025e6dd3954d381d3c2b

HTTP/1.1 200 OK
Date: Sun, 10 Sep 2023 19:41:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=tbthemo399vhn4en38sitvt7t5; path=/
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Sep 2023 19:41:12 GMT
Server: cloudflare
CF-RAY: 804a25a6fd3e9188-FRA

Page title: B&W Farming

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, height=device-height, viewport-fit=cover">

    <link rel="shortcut icon" type="image/ico" href="libs/imgs/icons/favicon.ico" />
    <link rel="manifest" href="manifest.json">

    <!-- Android-->
    <meta name="theme-color" content="#3498db">


    <!-- IOS-->
    <meta name="apple-mobile-web-app-capable" content="yes">
    <link rel="apple-touch-icon" href="libs/img/icons/icon-192x192.png">
    <link rel="apple-touch-icon" sizes="152x152" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="180x180" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="167x167" href="libs/img/icons/apple-icon-180x180.png">

    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">

    <meta name="apple-mobile-web-app-title" content="B&W Farming">
    <title>B&W Farming</title>
    <link rel="stylesheet" href="libs/css/style.css"> <!-- Resource style -->
    <!-- jQuery -->
    <script type="text/javascript" src="libs/jQuery/jquery-2.1.3.js"></script>
    <!-- Bootstrap core CSS -->
    <script src="libs/bootstrap/js/bootstrap.js"></script>
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css">
    <link href="libs/bootstrap/css/bootstrap.min.css" rel="stylesheet">
    <script type="text/javascript" src="libs/bootstrap/js//bootstrap.min.js"></script>
    <script type="text/javascript" src="libs/bootstrap/js/jquery.bootstrap-growl.min.js"></script>
    <script type="text/javascript" src="libs/funciones/func_generales.js"></script>
    <script type="text/javascript" src="libs/funciones/func_configuracion.js"></script>
    <link rel="stylesheet" type="text/css" href="libs/css/modal_styles.css">
    <link rel="stylesheet" type="text/css" href="libs/css/general.css">
    <link rel="stylesheet" type="text/css" href="libs/css/styles.css">

    <script src="libs/js/app.js"></script>

</head>
<script>
    $('#login_form').submit(function() {
        $('#loader').css('visibility', 'visible');
    });

    function quitLoading() {
        $( "#loader" ).hide();
        $( "#cuerpo" ).show();
    }
	$(document).ready(function(){
		$flag_envio_correo = 0;
		var flag_alert = '0';
		if (flag_alert != 0){
			$('.alert').alert().show();
		} else {
			$('.alert').hide();
		}

		/* Click en botón olvide contraseña */
		$( "#olvide" ).click(function() {
				//Manda a traer el formulario de Olivde contraseña
				$.ajax({
			    type: 'POST',
			    url: 'mod_admin_usuarios/ui/usu_olvide_password.php',
			    success: function(data) {
						$( "#div_login" ).empty().append(data);
			    }
			  });
		});
        $('#checkbox_translate').change(function(event) {
            /* Act on the event */
            event.preventDefault();
            event.stopPropagation();
            ($('#checkbox_translate').attr('checked') ? $('#checkbox_translate').removeAttr('checked') : $('#checkbox_translate').attr('checked','checked'))
            grl_traducir_interfaz(($('#checkbox_translate').attr('checked') ? 1 : 0));
        });
	}); //Fin ready
</script>
<style>
	.popover-content {
	    color: red;
	    font-size: 15px;
		font-family: "Times New Roman", Times, serif;
	}

	#confirm_pass,#nuevo_pass{
		border-bottom-right-radius:5px;
		border-top-right-radius:5px;
	}

	.top_nav {
      background-color: #2ea3f2;
      border-color: #2ea3f2;
    }

    .top_nav > #a {
        text-decoration: #ffffff;
    }

    form{
        margin-left:auto;
        margin-right:auto;
        /* width: 270px; */
        height: 225px;
        padding: 10px;
        overflow: hidden;
    }

    .alert_position{
        top:70px;
        margin-left: auto;
        margin-right: auto;
        width:270px;
        z-index: 5;
	}
    body {
        padding-top: 0px;
        /* Margin bottom by footer height */
        margin-bottom: 60px;
      }

    .footer {
        position: fixed;
        botto{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2023-09-10 19:41

184 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39dabd20c5758f3053bc082a025e6dd3954d80797b05

HTTP/1.1 200 OK
Date: Thu, 07 Sep 2023 05:54:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=4v6in0a1vl3atn790rqep9d3q2; path=/
CF-Cache-Status: MISS
Last-Modified: Thu, 07 Sep 2023 05:54:55 GMT
Server: cloudflare
CF-RAY: 802cb323fd84a123-SIN

Page title: B&W Farming

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, height=device-height, viewport-fit=cover">

    <link rel="shortcut icon" type="image/ico" href="libs/imgs/icons/favicon.ico" />
    <link rel="manifest" href="manifest.json">

    <!-- Android-->
    <meta name="theme-color" content="#3498db">


    <!-- IOS-->
    <meta name="apple-mobile-web-app-capable" content="yes">
    <link rel="apple-touch-icon" href="libs/img/icons/icon-192x192.png">
    <link rel="apple-touch-icon" sizes="152x152" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="180x180" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="167x167" href="libs/img/icons/apple-icon-180x180.png">

    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">

    <meta name="apple-mobile-web-app-title" content="B&W Farming">
    <title>B&W Farming</title>
    <link rel="stylesheet" href="libs/css/style.css"> <!-- Resource style -->
    <!-- jQuery -->
    <script type="text/javascript" src="libs/jQuery/jquery-2.1.3.js"></script>
    <!-- Bootstrap core CSS -->
    <script src="libs/bootstrap/js/bootstrap.js"></script>
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css">
    <link href="libs/bootstrap/css/bootstrap.min.css" rel="stylesheet">
    <script type="text/javascript" src="libs/bootstrap/js//bootstrap.min.js"></script>
    <script type="text/javascript" src="libs/bootstrap/js/jquery.bootstrap-growl.min.js"></script>
    <script type="text/javascript" src="libs/funciones/func_generales.js"></script>
    <script type="text/javascript" src="libs/funciones/func_configuracion.js"></script>
    <link rel="stylesheet" type="text/css" href="libs/css/modal_styles.css">
    <link rel="stylesheet" type="text/css" href="libs/css/general.css">
    <link rel="stylesheet" type="text/css" href="libs/css/styles.css">

    <script src="libs/js/app.js"></script>

</head>
<script>
    $('#login_form').submit(function() {
        $('#loader').css('visibility', 'visible');
    });

    function quitLoading() {
        $( "#loader" ).hide();
        $( "#cuerpo" ).show();
    }
	$(document).ready(function(){
		$flag_envio_correo = 0;
		var flag_alert = '0';
		if (flag_alert != 0){
			$('.alert').alert().show();
		} else {
			$('.alert').hide();
		}

		/* Click en botón olvide contraseña */
		$( "#olvide" ).click(function() {
				//Manda a traer el formulario de Olivde contraseña
				$.ajax({
			    type: 'POST',
			    url: 'mod_admin_usuarios/ui/usu_olvide_password.php',
			    success: function(data) {
						$( "#div_login" ).empty().append(data);
			    }
			  });
		});
        $('#checkbox_translate').change(function(event) {
            /* Act on the event */
            event.preventDefault();
            event.stopPropagation();
            ($('#checkbox_translate').attr('checked') ? $('#checkbox_translate').removeAttr('checked') : $('#checkbox_translate').attr('checked','checked'))
            grl_traducir_interfaz(($('#checkbox_translate').attr('checked') ? 1 : 0));
        });
	}); //Fin ready
</script>
<style>
	.popover-content {
	    color: red;
	    font-size: 15px;
		font-family: "Times New Roman", Times, serif;
	}

	#confirm_pass,#nuevo_pass{
		border-bottom-right-radius:5px;
		border-top-right-radius:5px;
	}

	.top_nav {
      background-color: #2ea3f2;
      border-color: #2ea3f2;
    }

    .top_nav > #a {
        text-decoration: #ffffff;
    }

    form{
        margin-left:auto;
        margin-right:auto;
        /* width: 270px; */
        height: 225px;
        padding: 10px;
        overflow: hidden;
    }

    .alert_position{
        top:70px;
        margin-left: auto;
        margin-right: auto;
        width:270px;
        z-index: 5;
	}
    body {
        padding-top: 0px;
        /* Margin bottom by footer height */
        margin-bottom: 60px;
      }

    .footer {
        position: fixed;
        botto{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2023-09-07 05:54

184 Bytes

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: bwfarming.com
Port: 443
URL: https://bwfarming.com/.vscode/sftp.json

First seen 2023-01-05 07:27
Last seen 2024-09-28 05:55
Open for 631 days

Fingerprint: 13b3a7b17cfc7502c36c325dc17f2b7d6f54d89c1c46aabee59de3afdfe7681a

{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2024-09-28 05:55

184 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39dabd20c5758f3053bc082a025e6dd3954d49a635d8

HTTP/1.1 200 OK
Date: Sun, 10 Sep 2023 16:47:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mmmdvc4pl4ml8avdlv1g2c9in2; path=/
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Sep 2023 16:47:42 GMT
Server: cloudflare
CF-RAY: 804927806a1dbb71-FRA

Page title: B&W Farming

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, height=device-height, viewport-fit=cover">

    <link rel="shortcut icon" type="image/ico" href="libs/imgs/icons/favicon.ico" />
    <link rel="manifest" href="manifest.json">

    <!-- Android-->
    <meta name="theme-color" content="#3498db">


    <!-- IOS-->
    <meta name="apple-mobile-web-app-capable" content="yes">
    <link rel="apple-touch-icon" href="libs/img/icons/icon-192x192.png">
    <link rel="apple-touch-icon" sizes="152x152" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="180x180" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="167x167" href="libs/img/icons/apple-icon-180x180.png">

    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">

    <meta name="apple-mobile-web-app-title" content="B&W Farming">
    <title>B&W Farming</title>
    <link rel="stylesheet" href="libs/css/style.css"> <!-- Resource style -->
    <!-- jQuery -->
    <script type="text/javascript" src="libs/jQuery/jquery-2.1.3.js"></script>
    <!-- Bootstrap core CSS -->
    <script src="libs/bootstrap/js/bootstrap.js"></script>
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css">
    <link href="libs/bootstrap/css/bootstrap.min.css" rel="stylesheet">
    <script type="text/javascript" src="libs/bootstrap/js//bootstrap.min.js"></script>
    <script type="text/javascript" src="libs/bootstrap/js/jquery.bootstrap-growl.min.js"></script>
    <script type="text/javascript" src="libs/funciones/func_generales.js"></script>
    <script type="text/javascript" src="libs/funciones/func_configuracion.js"></script>
    <link rel="stylesheet" type="text/css" href="libs/css/modal_styles.css">
    <link rel="stylesheet" type="text/css" href="libs/css/general.css">
    <link rel="stylesheet" type="text/css" href="libs/css/styles.css">

    <script src="libs/js/app.js"></script>

</head>
<script>
    $('#login_form').submit(function() {
        $('#loader').css('visibility', 'visible');
    });

    function quitLoading() {
        $( "#loader" ).hide();
        $( "#cuerpo" ).show();
    }
	$(document).ready(function(){
		$flag_envio_correo = 0;
		var flag_alert = '0';
		if (flag_alert != 0){
			$('.alert').alert().show();
		} else {
			$('.alert').hide();
		}

		/* Click en botón olvide contraseña */
		$( "#olvide" ).click(function() {
				//Manda a traer el formulario de Olivde contraseña
				$.ajax({
			    type: 'POST',
			    url: 'mod_admin_usuarios/ui/usu_olvide_password.php',
			    success: function(data) {
						$( "#div_login" ).empty().append(data);
			    }
			  });
		});
        $('#checkbox_translate').change(function(event) {
            /* Act on the event */
            event.preventDefault();
            event.stopPropagation();
            ($('#checkbox_translate').attr('checked') ? $('#checkbox_translate').removeAttr('checked') : $('#checkbox_translate').attr('checked','checked'))
            grl_traducir_interfaz(($('#checkbox_translate').attr('checked') ? 1 : 0));
        });
	}); //Fin ready
</script>
<style>
	.popover-content {
	    color: red;
	    font-size: 15px;
		font-family: "Times New Roman", Times, serif;
	}

	#confirm_pass,#nuevo_pass{
		border-bottom-right-radius:5px;
		border-top-right-radius:5px;
	}

	.top_nav {
      background-color: #2ea3f2;
      border-color: #2ea3f2;
    }

    .top_nav > #a {
        text-decoration: #ffffff;
    }

    form{
        margin-left:auto;
        margin-right:auto;
        /* width: 270px; */
        height: 225px;
        padding: 10px;
        overflow: hidden;
    }

    .alert_position{
        top:70px;
        margin-left: auto;
        margin-right: auto;
        width:270px;
        z-index: 5;
	}
    body {
        padding-top: 0px;
        /* Margin bottom by footer height */
        margin-bottom: 60px;
      }

    .footer {
        position: fixed;
        botto{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2023-09-10 16:47

184 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39dabd20c5758f3053bc082a025e6dd3954dd67b074a

HTTP/1.1 200 OK
Date: Thu, 07 Sep 2023 05:54:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=p863rv9nijtm4fpbrqaac54ej5; path=/
CF-Cache-Status: MISS
Last-Modified: Thu, 07 Sep 2023 05:54:54 GMT
Server: cloudflare
CF-RAY: 802cb31f2b9c0f84-EWR

Page title: B&W Farming

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, height=device-height, viewport-fit=cover">

    <link rel="shortcut icon" type="image/ico" href="libs/imgs/icons/favicon.ico" />
    <link rel="manifest" href="manifest.json">

    <!-- Android-->
    <meta name="theme-color" content="#3498db">


    <!-- IOS-->
    <meta name="apple-mobile-web-app-capable" content="yes">
    <link rel="apple-touch-icon" href="libs/img/icons/icon-192x192.png">
    <link rel="apple-touch-icon" sizes="152x152" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="180x180" href="libs/img/icons/apple-icon-180x180.png">
    <link rel="apple-touch-icon" sizes="167x167" href="libs/img/icons/apple-icon-180x180.png">

    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">

    <meta name="apple-mobile-web-app-title" content="B&W Farming">
    <title>B&W Farming</title>
    <link rel="stylesheet" href="libs/css/style.css"> <!-- Resource style -->
    <!-- jQuery -->
    <script type="text/javascript" src="libs/jQuery/jquery-2.1.3.js"></script>
    <!-- Bootstrap core CSS -->
    <script src="libs/bootstrap/js/bootstrap.js"></script>
    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css">
    <link href="libs/bootstrap/css/bootstrap.min.css" rel="stylesheet">
    <script type="text/javascript" src="libs/bootstrap/js//bootstrap.min.js"></script>
    <script type="text/javascript" src="libs/bootstrap/js/jquery.bootstrap-growl.min.js"></script>
    <script type="text/javascript" src="libs/funciones/func_generales.js"></script>
    <script type="text/javascript" src="libs/funciones/func_configuracion.js"></script>
    <link rel="stylesheet" type="text/css" href="libs/css/modal_styles.css">
    <link rel="stylesheet" type="text/css" href="libs/css/general.css">
    <link rel="stylesheet" type="text/css" href="libs/css/styles.css">

    <script src="libs/js/app.js"></script>

</head>
<script>
    $('#login_form').submit(function() {
        $('#loader').css('visibility', 'visible');
    });

    function quitLoading() {
        $( "#loader" ).hide();
        $( "#cuerpo" ).show();
    }
	$(document).ready(function(){
		$flag_envio_correo = 0;
		var flag_alert = '0';
		if (flag_alert != 0){
			$('.alert').alert().show();
		} else {
			$('.alert').hide();
		}

		/* Click en botón olvide contraseña */
		$( "#olvide" ).click(function() {
				//Manda a traer el formulario de Olivde contraseña
				$.ajax({
			    type: 'POST',
			    url: 'mod_admin_usuarios/ui/usu_olvide_password.php',
			    success: function(data) {
						$( "#div_login" ).empty().append(data);
			    }
			  });
		});
        $('#checkbox_translate').change(function(event) {
            /* Act on the event */
            event.preventDefault();
            event.stopPropagation();
            ($('#checkbox_translate').attr('checked') ? $('#checkbox_translate').removeAttr('checked') : $('#checkbox_translate').attr('checked','checked'))
            grl_traducir_interfaz(($('#checkbox_translate').attr('checked') ? 1 : 0));
        });
	}); //Fin ready
</script>
<style>
	.popover-content {
	    color: red;
	    font-size: 15px;
		font-family: "Times New Roman", Times, serif;
	}

	#confirm_pass,#nuevo_pass{
		border-bottom-right-radius:5px;
		border-top-right-radius:5px;
	}

	.top_nav {
      background-color: #2ea3f2;
      border-color: #2ea3f2;
    }

    .top_nav > #a {
        text-decoration: #ffffff;
    }

    form{
        margin-left:auto;
        margin-right:auto;
        /* width: 270px; */
        height: 225px;
        padding: 10px;
        overflow: hidden;
    }

    .alert_position{
        top:70px;
        margin-left: auto;
        margin-right: auto;
        width:270px;
        z-index: 5;
	}
    body {
        padding-top: 0px;
        /* Margin bottom by footer height */
        margin-bottom: 60px;
      }

    .footer {
        position: fixed;
        botto{
    "protocol": "ftp",
    "host": "ftp.bluelionsoft.com",
    "port": 21,
    "username": "jairobonilla@bluelionsoft.com",
    "password": "$[xL0)Yke624",
    "remotePath": "/bw/"
}

Found on 2023-09-07 05:54

184 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.michellebeckermft.com
Port: 443
URL: https://www.michellebeckermft.com

First seen 2021-08-09 13:24
Last seen 2024-09-24 15:56
Open for 1142 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-09-24 15:56
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: michellebeckermft.com
Port: 443
URL: https://michellebeckermft.com

First seen 2021-08-09 13:24
Last seen 2024-09-24 15:56
Open for 1142 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-09-24 15:56
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: distribusofia.com
Port: 443
URL: https://distribusofia.com

First seen 2021-09-10 02:58
Last seen 2024-09-22 22:42
Open for 1108 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d9f6ecf579f6ecf579f6ecf579f6ecf57
```
Found 1 files trough .DS_Store spidering:

/webservice
```
  Found on 2024-09-22 22:42
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.distribusofia.com
Port: 443
URL: https://www.distribusofia.com

First seen 2021-09-10 02:58
Last seen 2024-09-22 22:42
Open for 1108 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d9f6ecf579f6ecf579f6ecf579f6ecf57
```
Found 1 files trough .DS_Store spidering:

/webservice
```
  Found on 2024-09-22 22:42
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: steegness.com
Port: 443
URL: https://steegness.com/.vscode/sftp.json

First seen 2024-05-22 22:13
Last seen 2024-08-08 06:05
Open for 77 days
- Fingerprint: 13b3a7b17cfc7502c36c325da9c1af3167c75a17796463c3c6006a7b1d0de2af
```
{
    "name": "steegness ftp",
    "host": "ftp.steegness.com",
    "protocol": "ftp",
    "password": "WWB5ju4Tgc!sb#8",
    "port": 21,
    "username": "steegnes",
    "remotePath": "/public_html/",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2024-08-08 06:05
  
  277 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.steegness.com
Port: 443
URL: https://www.steegness.com/.vscode/sftp.json

First seen 2024-05-23 03:08
Last seen 2024-08-07 01:01
Open for 75 days
- Fingerprint: 13b3a7b17cfc7502c36c325da9c1af3167c75a17796463c3c6006a7b1d0de2af
```
{
    "name": "steegness ftp",
    "host": "ftp.steegness.com",
    "protocol": "ftp",
    "password": "WWB5ju4Tgc!sb#8",
    "port": 21,
    "username": "steegnes",
    "remotePath": "/public_html/",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2024-08-07 01:01
  
  277 Bytes
Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 162.241.253.156
Domain: detatchedgaragestudios.com
Port: 443
URL: https://detatchedgaragestudios.com/.vscode/sftp.json

First seen 2023-01-25 21:19
Last seen 2024-03-27 20:51
Open for 426 days

Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50efb11038986a7a9895ac48f218576fb00

{
    "name": "Blue Host",
    "host": "ftp.detatchedgaragestudios.com",
    "protocol": "ftp",
    "port": 21,
    "username": "detatch1",
    "password": "0507_Midge_2020",
    "remotePath": "/public_html",
    "uploadOnSave": false
}

Found on 2024-03-27 20:51

237 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39da22333d1f574608a82d237f2e0e8272c8c14101e0

HTTP/1.1 200 OK
Date: Sat, 01 Jul 2023 20:52:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 08 Jun 2022 15:41:26 GMT
Accept-Ranges: bytes
Content-Length: 6429
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: text/html

Page title: Detached Garage Studios{
    "name": "Blue Host",
    "host": "ftp.detatchedgaragestudios.com",
    "protocol": "ftp",
    "port": 21,
    "username": "detatch1",
    "password": "0507_Midge_2020",
    "remotePath": "/public_html",
    "uploadOnSave": false
}

Found on 2023-07-01 20:52

237 Bytes

Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 162.241.253.156
Domain: www.detatchedgaragestudios.com
Port: 443
URL: https://www.detatchedgaragestudios.com/.vscode/sftp.json

First seen 2023-01-25 22:34
Last seen 2024-03-27 20:51
Open for 426 days

Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50efb11038986a7a9895ac48f218576fb00

{
    "name": "Blue Host",
    "host": "ftp.detatchedgaragestudios.com",
    "protocol": "ftp",
    "port": 21,
    "username": "detatch1",
    "password": "0507_Midge_2020",
    "remotePath": "/public_html",
    "uploadOnSave": false
}

Found on 2024-03-27 20:51

237 Bytes

Fingerprint: 13b3a7b18ffc92a5ebda39da22333d1f574608a82d237f2e0e8272c8c14101e0

HTTP/1.1 200 OK
Date: Sat, 01 Jul 2023 20:52:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 08 Jun 2022 15:41:26 GMT
Accept-Ranges: bytes
Content-Length: 6429
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: text/html

Page title: Detached Garage Studios{
    "name": "Blue Host",
    "host": "ftp.detatchedgaragestudios.com",
    "protocol": "ftp",
    "port": 21,
    "username": "detatch1",
    "password": "0507_Midge_2020",
    "remotePath": "/public_html",
    "uploadOnSave": false
}

Found on 2023-07-01 20:52

237 Bytes

Create report

Moodle is vulnerable
The following Moodle application is publicly accessible and looks out-dated :

It is highly recommended to update to a safe version as soon as possible since multiple CVEs allow remote attackers to craft XSS attacks leading to code execution on the server.

If the application was already patched, reloading the web server to clear the PHP opcache will fix issue.

Reference:

https://www.cvedetails.com/cve/CVE-2023-30943
IP: 66.235.200.146
Domain: examsjo.com
Port: 443
URL: https://examsjo.com

First seen 2023-09-07 07:12
Last seen 2024-02-02 05:05
Open for 147 days
- Severity: high
  Fingerprint: 0b591a20d83e9bbda3370ce58008084480080844800808448008084480080844
```
Found vulnerable Moodle application:
Affected by CVE-2023-30943
```
  Found on 2024-02-02 05:05
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: elfaroensenada.com
Port: 443
URL: https://elfaroensenada.com

First seen 2021-10-21 19:52
Last seen 2024-01-08 17:16
Open for 808 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-01-08 17:16
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.elfaroensenada.com
Port: 443
URL: https://www.elfaroensenada.com

First seen 2021-10-21 19:52
Last seen 2024-01-08 17:16
Open for 808 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d28a25ad628a25ad628a25ad628a25ad6
```
Found 1 files trough .DS_Store spidering:

/.git
```
  Found on 2024-01-08 17:16
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.christianlemus.com
Port: 443
URL: https://www.christianlemus.com

First seen 2021-11-04 08:41
Last seen 2023-12-20 08:24
Open for 775 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea96367f45a086ed07d01b7f20fc0dbb463
```
Found 23 files trough .DS_Store spidering:

/index.php
/jetpack-onboarding
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2023-12-20 08:24
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: christianlemus.com
Port: 443
URL: https://christianlemus.com

First seen 2021-11-04 08:41
Last seen 2023-12-20 08:24
Open for 775 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea96367f45a086ed07d01b7f20fc0dbb463
```
Found 23 files trough .DS_Store spidering:

/index.php
/jetpack-onboarding
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2023-12-20 08:24
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 66.235.200.146
Domain: plussize-shoes.com
Port: 443
URL: https://plussize-shoes.com

First seen 2023-09-22 15:52
- Severity: critical
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65221cbff67f
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codeSmith-247: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@github.com/codeSmith-247/plussize
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
```
  Found on 2023-09-22 15:52
  
  374 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.adaresulitmaterestaurant.com
Port: 443
URL: https://www.adaresulitmaterestaurant.com/.vscode/sftp.json

First seen 2023-01-05 04:57
Last seen 2023-05-03 04:47
Open for 117 days
- Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50e91b3820b97c31acc46e02d180e414516
```
{
    "name": "Blue Host",
    "host": "ftp.adaresulitmaterestaurant.com",
    "password": "Danny1705!",
    "protocol": "ftp",
    "port": 21,
    "username": "adaresul",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2023-01-05 04:57
  
  283 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: adaresulitmaterestaurant.com
Port: 443
URL: https://adaresulitmaterestaurant.com/.vscode/sftp.json

First seen 2023-01-04 23:09
Last seen 2023-03-30 00:47
Open for 84 days
- Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50e91b3820b97c31acc46e02d180e414516
```
{
    "name": "Blue Host",
    "host": "ftp.adaresulitmaterestaurant.com",
    "password": "Danny1705!",
    "protocol": "ftp",
    "port": 21,
    "username": "adaresul",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2023-01-04 23:09
  
  283 Bytes
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.146
Domain: quotes-cards.com
Port: 443
URL: https://quotes-cards.com

First seen 2022-08-17 21:21
Last seen 2023-03-22 21:28
Open for 217 days
- Fingerprint: b18befd9dd6536aa30550de56ca025cb762702fd5a526e1f03c1a87875dc6393
```
{
	"stickers": [
		{"name":"bubbles","items":104,"type":"png"},
		{"name":"stars","items":6,"type":"png","darkbg":true},
		{"name":"transportation","items":22,"type":"svg"},
		{"name":"doodles","items":100,"type":"svg"},
		{"name":"landmarks","items":100,"type":"svg"},
		{"name":"beach","items":22,"type":"svg"},
		{"name":"animals","items":10,"type":"png"},
		{"name":"clouds","items":15,"type":"png","darkbg":true}
	]
}
```
  Found on 2022-08-17 21:21
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 66.235.200.146
Domain: quotes-cards.com
Port: 80
URL: http://quotes-cards.com

First seen 2022-08-17 21:21
Last seen 2023-03-22 21:28
Open for 217 days
- Fingerprint: b18befd9dd6536aa30550de56ca025cb762702fd5a526e1f03c1a87875dc6393
```
{
	"stickers": [
		{"name":"bubbles","items":104,"type":"png"},
		{"name":"stars","items":6,"type":"png","darkbg":true},
		{"name":"transportation","items":22,"type":"svg"},
		{"name":"doodles","items":100,"type":"svg"},
		{"name":"landmarks","items":100,"type":"svg"},
		{"name":"beach","items":22,"type":"svg"},
		{"name":"animals","items":10,"type":"png"},
		{"name":"clouds","items":15,"type":"png","darkbg":true}
	]
}
```
  Found on 2022-08-17 21:21
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: jawngames.com
Port: 443
URL: https://jawngames.com/.vscode/sftp.json

First seen 2023-01-09 01:27
Last seen 2023-03-09 00:52
Open for 58 days
- Fingerprint: 13b3a7b17cfc7502c36c325d989d06628f1d4962fd61dc12c186906887250e85
```
{
    "name": "Bluehost",
    "host": "ftp.jawngames.com",
    "protocol": "ftp",
    "port": 21,
    "username": "jawngame",
    "password": "H#f\"Ca-t2a\"@N_\"",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-09 01:27
  
  226 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.ssfveracruz.com
Port: 443
URL: https://www.ssfveracruz.com/.vscode/sftp.json

First seen 2023-01-29 03:46
Last seen 2023-03-01 20:37
Open for 31 days
- Fingerprint: 13b3a7b17cfc7502c36c325d74d86a72387c2745cbb67865c0ecfd9d6a06a0c4
```
{
    "name": "ssfveracruz",
    "host": "ftp.ssfveracruz.com",
    "protocol": "ftp",
    "port": 21,
    "username": "carloson@ssfveracruz.com",
    "password": "C4rL05-ssF",
    "remotePath": "/",
    "uploadOnSave": true,
    "downloadOnOpen": true
}
```
  Found on 2023-01-29 03:46
  
  254 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: pilqvist.com
Port: 443
URL: https://pilqvist.com/.vscode/sftp.json

First seen 2023-02-27 09:30
- Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50eaa5386c521f6bbe517f87c1dc53e6b5f
```
{
    "name": "Blue Host",
    "host": "ftp.pilqvist.com",
    "protocol": "ftp",
    "port": 21,
    "username": "pilqvist",
    "password": "o99n3ci/2dZLvAJ",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2023-02-27 09:30
  
  271 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: pilqvist.com
Port: 80
URL: http://pilqvist.com/.vscode/sftp.json

First seen 2023-02-27 09:30
- Fingerprint: 13b3a7b17cfc7502c36c325d6d08a50eaa5386c521f6bbe517f87c1dc53e6b5f
```
{
    "name": "Blue Host",
    "host": "ftp.pilqvist.com",
    "protocol": "ftp",
    "port": 21,
    "username": "pilqvist",
    "password": "o99n3ci/2dZLvAJ",
    "remotePath": "/public_html",
    "uploadOnSave": false,
    "useTempFile": false,
    "openSsh": false
}
```
  Found on 2023-02-27 09:30
  
  271 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: www.jawngames.com
Port: 443
URL: https://www.jawngames.com/.vscode/sftp.json

First seen 2023-01-09 01:47
Last seen 2023-02-10 00:55
Open for 31 days
- Fingerprint: 13b3a7b17cfc7502c36c325d989d06628f1d4962fd61dc12c186906887250e85
```
{
    "name": "Bluehost",
    "host": "ftp.jawngames.com",
    "protocol": "ftp",
    "port": 21,
    "username": "jawngame",
    "password": "H#f\"Ca-t2a\"@N_\"",
    "remotePath": "/public_html",
    "uploadOnSave": false
}
```
  Found on 2023-01-09 01:47
  
  226 Bytes
Create report
VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 66.235.200.146
Domain: ssfveracruz.com
Port: 443
URL: https://ssfveracruz.com/.vscode/sftp.json

First seen 2023-01-28 04:50
- Fingerprint: 13b3a7b17cfc7502c36c325d74d86a72387c2745cbb67865c0ecfd9d6a06a0c4
```
{
    "name": "ssfveracruz",
    "host": "ftp.ssfveracruz.com",
    "protocol": "ftp",
    "port": 21,
    "username": "carloson@ssfveracruz.com",
    "password": "C4rL05-ssF",
    "remotePath": "/",
    "uploadOnSave": true,
    "downloadOnOpen": true
}
```
  Found on 2023-01-28 04:50
  
  254 Bytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: servauntgroup.com
Port: 443
URL: https://servauntgroup.com

First seen 2021-07-29 12:38
Last seen 2023-01-22 18:10
Open for 542 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea96367f45a086ed07d01b7f20fc0dbb463
```
Found 23 files trough .DS_Store spidering:

/index.php
/jetpack-onboarding
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2021-07-29 12:38
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: groundswell-listenup-hub.org
Port: 443
URL: https://groundswell-listenup-hub.org

First seen 2022-01-28 15:53
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9dca7a1c34ca7a1c34ca7a1c34ca7a1c34
```
Found 1 files trough .DS_Store spidering:

/preview
```
  Found on 2022-01-28 15:53
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.groundswell-listenup-hub.org
Port: 443
URL: https://www.groundswell-listenup-hub.org

First seen 2022-01-28 15:53
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9dca7a1c34ca7a1c34ca7a1c34ca7a1c34
```
Found 1 files trough .DS_Store spidering:

/preview
```
  Found on 2022-01-28 15:53
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.17850vonkarman.com
Port: 443
URL: https://www.17850vonkarman.com

First seen 2021-08-16 07:50
Last seen 2021-11-29 00:59
Open for 104 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d80ea47a45a2ef9e07f0519495ffa16e00
```
Found 8 files trough .DS_Store spidering:

/.git
/cgi-bin
/downloads
/wp-admin
/wp-content
/wp-content/plugins
/wp-includes
/wp-snapshots
```
  Found on 2021-10-12 23:56
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392ab959c1a4c313f72a68e702a00182ca5d0
```
Found 7 files trough .DS_Store spidering:

/.git
/cgi-bin
/downloads
/wp-admin
/wp-content
/wp-includes
/wp-snapshots
```
  Found on 2021-08-16 07:50
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 66.235.200.146
Domain: www.servauntgroup.com
Port: 443
URL: https://www.servauntgroup.com

First seen 2021-07-29 12:38
- Severity: low
  Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea96367f45a086ed07d01b7f20fc0dbb463
```
Found 23 files trough .DS_Store spidering:

/index.php
/jetpack-onboarding
/license.txt
/loader.php
/mojo-package.sh
/readme.html
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2021-07-29 12:38
Create report

Open service 66.235.200.146:80 · laredplus.com

2024-11-03 01:58

HTTP/1.1 301 Moved Permanently
Date: Sun, 03 Nov 2024 01:58:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Redirect-By: WordPress
Location: https://laredplus.com/
Cache-Control: max-age=7200
Expires: Sun, 03 Nov 2024 03:58:53 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Newfold-Cache-Level: 2
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: EXPIRED
Set-Cookie: __cf_bm=75cvG0dWgQ_LxfzkSIW8rba5Vb.iApcPusKxwZBudzM-1730599134-1.0.1.1-y8T58.IOfLjyxJEJq_YyMhLTSy6IzSb2Ui7TYmYY_iWfbOOTAwxMV9ik_J9jvmAe1HhkRj9FCv.phFB3aJhV0A; path=/; expires=Sun, 03-Nov-24 02:28:54 GMT; domain=.laredplus.com; HttpOnly
Set-Cookie: _cfuvid=f3AjfxK_adfljtSDM0E7SZ4b8x34p_1I00FNFNNpcuQ-1730599134337-0.0.1.1-604800000; path=/; domain=.laredplus.com; HttpOnly
Server: cloudflare
CF-RAY: 8dc8c30a9ce14596-LHR