LeakIX - Host 91.216.248.14

Host 91.216.248.14

Germany

23M GmbH

Software information

openresty

tcp/443 tcp/80

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 91.216.248.14
Domain: www.monikuere.at
Port: 443
URL: https://www.monikuere.at

First seen 2022-09-17 15:32
Last seen 2024-03-12 10:13
Open for 541 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0fd02d66877591c360f966c9a6f966c9a6
```
Found 3 files trough .DS_Store spidering:

/css
/images
/js
```
  Found on 2024-03-12 10:13
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 91.216.248.14
Domain: debugging.wachplan.info
Port: 443
URL: https://debugging.wachplan.info

First seen 2022-08-09 09:23
Last seen 2022-10-08 09:22
Open for 59 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522fc37141d
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git@gitlab.lrz.de:di29baf/Wachplan_Design.git
	fetch = +refs/heads/erweiterung-lohhof:refs/remotes/origin/erweiterung-lohhof
[branch "erweiterung-lohhof"]
	remote = origin
	merge = refs/heads/erweiterung-lohhof
```
  Found on 2022-08-09 09:23
  
  328 Bytes
Create report

Open service 91.216.248.14:80 · op.pma.mazza.cloud

2026-01-10 06:04

HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Sat, 10 Jan 2026 06:04:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Lima-Id: atMgQO4M0bRB0G8HOQ
Set-Cookie: _lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58; SameSite=Lax; HttpOnly
Location: https://op.pma.mazza.cloud/
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


This website has moved to https://op.pma.mazza.cloud/

Found 2 days ago by HttpPlugin

Create report

Open service 91.216.248.14:443 · anleitungen.wolle-handarbeit.eu

2026-01-09 00:34
Found 2026-01-09 by HttpPlugin
Create report

Open service 91.216.248.14:80 · wwwamypnwwwadmin.lmzbw.ghdev.de

2025-12-21 19:42

HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Sun, 21 Dec 2025 19:42:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Lima-Id: atXISJ27DGDybYFe46
Set-Cookie: _lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58; SameSite=Lax; HttpOnly
Location: https://wwwamypnwwwadmin.lmzbw.ghdev.de/
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


This website has moved to https://wwwamypnwwwadmin.lmzbw.ghdev.de/

Found 2025-12-21 by HttpPlugin

Create report

Open service 91.216.248.14:443 · wwwwwwdxedfkaujtblog.pma.mazza.cloud

2025-12-21 10:33

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 21 Dec 2025 10:33:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
X-Lima-Id: atyN4JFmqEpmIQ9qFs
Set-Cookie: _lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58; SameSite=Lax; HttpOnly
x-powered-by: PHP/8.2.29
x-ob_mode: 1
x-frame-options: DENY
referrer-policy: no-referrer
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
x-webkit-csp: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org;object-src 'none';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
expires: Sun, 21 Dec 2025 10:33:18 +0000
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pragma: no-cache
vary: Accept-Encoding
set-cookie: pma_lang_https=en; expires=Tue, 20 Jan 2026 10:33:18 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=Strict
set-cookie: phpMyAdmin_https=0646734e7c33f08299707c427299c0db; path=/; secure; HttpOnly; SameSite=Strict
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Page title: phpMyAdmin

<!doctype html>
<html lang="en" dir="ltr">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="referrer" content="no-referrer">
  <meta name="robots" content="noindex,nofollow,notranslate">
  <meta name="google" content="notranslate">
  <style id="cfs-style">html{display: none;}</style>
  <link rel="icon" href="favicon.ico" type="image/x-icon">
  <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
  <link rel="stylesheet" type="text/css" href="./themes/pmahomme/jquery/jquery-ui.css">
  <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/lib/codemirror.css?v=5.2.1">
  <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/hint/show-hint.css?v=5.2.1">
  <link rel="stylesheet" type="text/css" href="js/vendor/codemirror/addon/lint/lint.css?v=5.2.1">
  <link rel="stylesheet" type="text/css" href="./themes/pmahomme/css/theme.css?v=5.2.1">
  <title>phpMyAdmin</title>
    <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.min.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-migrate.min.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/sprintf.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/ajax.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/name-conflict-fixes.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/bootstrap/bootstrap.bundle.min.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/js.cookie.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.validate.min.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui-timepicker-addon.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery.debounce-1.0.6.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/menu_resizer.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/cross_framing_protection.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/messages.php?l=en&v=5.2.1&lang=en"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/config.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/navigation.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/indexes.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/common.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/dist/page_settings.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/lib/codemirror.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/mode/sql/sql.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/addon/runmode/runmode.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/addon/hint/show-hint.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/addon/hint/sql-hint.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript" src="js/vendor/codemirror/addon/lint/lint.js?v=5.2.1"></script>
  <script data-cfasync="false" type="text/javascript"

Found 2025-12-21 by HttpPlugin

Create report

Open service 91.216.248.14:80 · wwwadmin.pma.mazza.cloud

2025-12-21 10:33

HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Sun, 21 Dec 2025 10:33:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Lima-Id: atdMSHRWurTSBGVWV0
Set-Cookie: _lcp=a; Path=/; expires=Mon Mar 20 2034 13:02:58; SameSite=Lax; HttpOnly
Location: https://wwwadmin.pma.mazza.cloud/
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


This website has moved to https://wwwadmin.pma.mazza.cloud/

Found 2025-12-21 by HttpPlugin

Create report

Fingerprint:

75f502a29b7ceecadd6452b2d26b4f2b8a56f8ba2a5c67911705f0b8320e576e

CN:

anyhost.lima-city.de

Key:

RSA-2048

Issuer:

anyhost.lima-city.de

Not before:

2018-06-03 18:21

Not after:

2019-06-03 18:21

.chorusviennensis.at.knetball.space.niklashoffmann.net.ton-verkauf.de.tonverkauf.de.urlaubaufdemdach.dechat.immo-look.chchorusviennensis.atknetball.spacelggcnhat.martenstop.comniklashoffmann.netreport.view-point.eustd-superset.katharina-on-tour.desummary.immopano.euton-verkauf.detonverkauf.detysswsxhgntxglz.immo-look.euurlaubaufdemdach.dewww.ai.northern-buildings.dewww.daniel.ullrich.cybermoney.clubwww.dc.187.jetztwww.dev.norair.atwww.famesignature.comwww.fm.dstaraustria.atwww.goanddive.comwww.redaktion.dyndns.orgwww.staging.freyer-haufen.dewww.umfrage.weingut-lex.comwwwadmin.pma.mazza.cloudwwwobile.immopan.dewwworum.magcon.atwwwportal.rotafon.comwwwssl.digistop.dewwwtest-dashboard.europride2019.atwwwwww1.p-s-soft.dewwwwwwakaunting.garagen-schutz.dewwwwwwdev.renate-tobies.dewwwwwwdxedfkaujtblog.pma.mazza.cloudwwwwwweport.magcon.chwwwwwwiki.immopan.dewwwwwwjlegrbpoft.piezo-tweeter.euwwwwwwlopersinugarrett2019.spindelberger.comwwwwwwnventory.burkinart.dewwwwwwold.spindelberger.comwwwwwww1.immopan.dewwwwwwwwanalytic.wiesi1.dewwwwwwwwm.view-point.euwwwwwwwwnmcdfknkpcysshw.panolook.de

Fingerprint:

81855038a94b18507cd1a710de62b1ab38fd186f289bba47ae24519b1fd2d2c0

CN:

*.chorusviennensis.at

Key:

ECDSA-256

Issuer:

Not before:

2025-12-15 00:12

Not after:

2026-03-15 00:12

Domain summary

www.monikuere.at 1 debugging.wachplan.info 1 op.pma.mazza.cloud 0 anleitungen.wolle-handarbeit.eu 0 wwwamypnwwwadmin.lmzbw.ghdev.de 0 wwwwwwdxedfkaujtblog.pma.mazza.cloud 0 wwwadmin.pma.mazza.cloud 0

7 recorded

Host 91.216.248.14

Germany

Software information

MacOS file listing through .DS_Store file

Git configuration and history exposed

Create report

Create report

Create report

Create report

Create report

Domain summary