Domain code.corimac.it
Italy
Software information
nginx 1.18.0
tcp/443 tcp/80
-
Gitlab instance looks outdated
The following Gitlab instance is publicly accessible and looks out-dated :
It is critical to update to a safe version as soon as possible to avoid account takeover.
Severity is mitigated by the need of a valid email address.
Reference:
First seen 2024-01-20 08:53
Last seen 2024-12-21 02:01
Open for 335 days-
Severity: high
Fingerprint: db64c48d331961cce5776b3a892edddd892edddd892edddd892edddd892eddddFound vulnerable Gitlab instance Affected by CVE-2023-7028
Found on 2024-12-21 02:01
-
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-21 02:01
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Sat, 21 Dec 2024 02:01:30 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JFKF5H2Y5DXMWZDX8KD289HS","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JFKF5H2Y5DXMWZDX8KD289HS X-Runtime: 0.068662 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found one day ago by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-19 04:57
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 19 Dec 2024 04:57:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JFEMF2FJDMQNCRHVMND1DDZZ","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JFEMF2FJDMQNCRHVMND1DDZZ X-Runtime: 0.032341 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 3 days ago by HttpPluginCreate report
-
Open service 31.187.104.30:80 · code.corimac.it
2024-12-19 04:57
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Thu, 19 Dec 2024 04:57:52 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://code.corimac.it/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 3 days ago by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-18 11:12
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 11:12:45 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JFCQGRBDV56BNNABCKV3GFRV","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JFCQGRBDV56BNNABCKV3GFRV X-Runtime: 0.026536 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-12-18 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-16 05:08
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Mon, 16 Dec 2024 05:08:05 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JF6XVKDNFCTR4WC84QDWDEKT","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JF6XVKDNFCTR4WC84QDWDEKT X-Runtime: 0.081767 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-12-16 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-14 07:25
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Sat, 14 Dec 2024 07:25:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JF20XT9RAMHE21086NXKFAZ9","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JF20XT9RAMHE21086NXKFAZ9 X-Runtime: 0.062140 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-12-14 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-12 13:17
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 12 Dec 2024 13:17:21 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JEXG8KBXRE24K1AT6E0BYB68","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JEXG8KBXRE24K1AT6E0BYB68 X-Runtime: 0.026981 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-12-12 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-12-02 15:26
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Mon, 02 Dec 2024 15:26:15 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JE3ZNEBDFRHRVCG011Q2Y06R","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JE3ZNEBDFRHRVCG011Q2Y06R X-Runtime: 0.028557 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-12-02 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-11-30 16:29
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Sat, 30 Nov 2024 16:29:15 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JDYYFBPDJCPQ3YWA2S9HSM3R","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JDYYFBPDJCPQ3YWA2S9HSM3R X-Runtime: 0.058319 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-11-30 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-11-28 17:12
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 28 Nov 2024 17:12:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JDSW51EV2TP6HGFSJZ38681E","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JDSW51EV2TP6HGFSJZ38681E X-Runtime: 0.025554 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-11-28 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-11-26 17:35
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 26 Nov 2024 17:35:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JDMRNB9P12RRT90QTVRR41EK","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JDMRNB9P12RRT90QTVRR41EK X-Runtime: 0.024567 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-11-26 by HttpPluginCreate report
-
Open service 31.187.104.30:443 · code.corimac.it
2024-11-20 12:03
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 20 Nov 2024 12:03:49 GMT Content-Type: text/html; charset=utf-8 Content-Length: 103 Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.corimac.it/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01JD4QA44RCETNBTH9D4C6A86B","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01JD4QA44RCETNBTH9D4C6A86B X-Runtime: 0.028073 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-store, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin X-XSS-Protection: 1; mode=block <html><body>You are being <a href="https://code.corimac.it/users/sign_in">redirected</a>.</body></html>Found 2024-11-20 by HttpPluginCreate report