Domain datac-api.qxiangsoft.com
China
Software information
nginx 1.20.1
tcp/443 tcp/80
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-07-21 02:26-
Severity: high
Fingerprint: 5f32cf5d6962f09cdafa5447dafa54473060fe0a57afabc6aaab114269c517f9Found 18 files trough .DS_Store spidering: /360s /360s/winrep.xxxx.com /assets /assets/img /assets/img/backgrounds /baidus /baidus/winrep.stywru.cn /error /include /lepay /lepay/winrep /lepay/winrep/imgs /lepay/winrep/js /wcleaner /winrep /winzrar /wnasst /wxpay
Found on 2024-07-21 02:26
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.First seen 2024-07-21 02:26-
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227093c80a[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true ignorecase = true precomposeunicode = true [submodule] active = . [remote "origin"] url = https://github.com/citysir/qxiangsoft.com.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "main"] remote = origin merge = refs/heads/main vscode-merge-base = origin/main [lfs] repositoryformatversion = 0
Found on 2024-07-21 02:26403 Bytes
-
-
Open service 106.55.8.158:443 · datac-api.qxiangsoft.com
2026-01-26 06:26
HTTP/1.1 404 Not Found Server: nginx/1.20.1 Date: Mon, 26 Jan 2026 06:26:46 GMT Content-Type: text/plain Content-Length: 18 Connection: close Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Keep-Alive,User-Agent,Content-Type,Authorization,X-H-Version,X-H-Productid,X-H-Authorization,X-H-Device-Id,X-H-Platform,X-H-Uid,X-H-Appid,X-H-Admin-Auth,X-FC-Pid,X-FC-IndexCode,X-FC-Authorization,X-FC-UseMaskKey Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: * Access-Control-Max-Age: 600 404 page not found
Found 2026-01-26 by HttpPluginCreate report
-
Open service 106.55.8.158:80 · datac-api.qxiangsoft.com
2026-01-26 06:26
HTTP/1.1 404 Not Found Server: nginx/1.20.1 Date: Mon, 26 Jan 2026 06:26:44 GMT Content-Type: text/plain Content-Length: 18 Connection: close Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Keep-Alive,User-Agent,Content-Type,Authorization,X-H-Version,X-H-Productid,X-H-Authorization,X-H-Device-Id,X-H-Platform,X-H-Uid,X-H-Appid,X-H-Admin-Auth,X-FC-Pid,X-FC-IndexCode,X-FC-Authorization,X-FC-UseMaskKey Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: * Access-Control-Max-Age: 600 404 page not found
Found 2026-01-26 by HttpPluginCreate report