LeakIX - Host bipbip.com

Domain bipbip.com

United States

AMAZON-02

Ubuntu

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 13.225.78.13
Domain: landing.bipbip.com
Port: 443
URL: https://landing.bipbip.com

First seen 2023-02-28 16:17
Last seen 2023-07-11 06:46
Open for 132 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392abdc1b177d75be5a8c401b78a2d8d8a6e3
```
Found 7 files trough .DS_Store spidering:

/assets
/assets/contact-ipad.png
/assets/qr
/chinh-sach-bao-mat
/en
/font
/qr
```
  Found on 2023-02-28 16:17
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d86bfb45c8bc4e64fdc4b21e83378c1676
```
Found 8 files trough .DS_Store spidering:

/assets
/assets/contact-ipad.png
/assets/qr
/chinh-sach-bao-mat
/en
/font
/font/otf
/qr
```
  Found on 2023-02-28 16:17
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 54.179.90.217
Domain: bipbip.com
Port: 443
URL: https://bipbip.com

First seen 2021-10-13 12:00
Last seen 2021-12-03 14:01
Open for 51 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c026392ab026392abdc1b177d75be5a8c401b78a2d8d8a6e3
```
Found 7 files trough .DS_Store spidering:

/assets
/assets/contact-ipad.png
/assets/qr
/chinh-sach-bao-mat
/en
/font
/qr
```
  Found on 2021-10-14 07:44
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d86bfb45c8bc4e64fdc4b21e83378c1676
```
Found 8 files trough .DS_Store spidering:

/assets
/assets/contact-ipad.png
/assets/qr
/chinh-sach-bao-mat
/en
/font
/font/otf
/qr
```
  Found on 2021-10-13 12:00
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 18.66.122.112
Domain: baocaotmdt.bipbip.com
Port: 443
URL: https://baocaotmdt.bipbip.com

First seen 2023-02-23 16:25
Last seen 2023-03-27 06:40
Open for 31 days
- Severity: critical
  Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e39783519d5
```
[fetch]
	recurseSubmodules = false
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:o1vAZq75mLtyRYEm6BcR@gitlab.kyanon.digital/rx3/bipbip/fe/report-landing-page.git
	fetch = +refs/heads/*:refs/remotes/origin/*
```
  Found on 2023-02-23 16:25
  
  302 Bytes
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 13.225.78.21
Domain: landing.bipbip.com
Port: 443
URL: https://landing.bipbip.com

First seen 2023-02-28 16:17
Last seen 2023-07-11 06:46
Open for 132 days
- Severity: critical
  Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e39d37528a8
```
[fetch]
	recurseSubmodules = false
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:fwkuxL91znscYwifnGN6@gitlab.kyanon.digital/rx3/bipbip/fe/landing-page-bibip.git
	fetch = +refs/heads/*:refs/remotes/origin/*
```
  Found on 2023-02-28 16:17
  
  301 Bytes
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 13.225.78.78
Domain: bipbip.com
Port: 443
URL: https://bipbip.com

First seen 2022-07-02 02:13
- Severity: critical
  Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e39d37528a8
```
[fetch]
	recurseSubmodules = false
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:fwkuxL91znscYwifnGN6@gitlab.kyanon.digital/rx3/bipbip/fe/landing-page-bibip.git
	fetch = +refs/heads/*:refs/remotes/origin/*
```
  Found on 2022-07-02 02:13
  
  301 Bytes
Create report

Domain summary

landing.bipbip.com 3 bipbip.com 3 baocaotmdt.bipbip.com 1

3 recorded

IP summary

13.225.78.13 1 13.225.78.21 1 54.179.90.217 1 18.66.122.112 1 13.225.78.78 1

5 recorded

Domain bipbip.com

United States

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Domain summary

IP summary