LeakIX - Host dev.qliq.bio

Domain dev.qliq.bio

Singapore

AMAZON-02

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 54.151.208.215
Domain: backend.dev.qliq.bio
Port: 443
URL: https://backend.dev.qliq.bio

First seen 2022-09-11 18:42
Last seen 2024-12-16 12:46
Open for 826 days

Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65228e3827b7

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://nayeemcats@bitbucket.org/spacecatstech/qliq_backend_v1.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "development"]
	remote = origin
	merge = refs/heads/development

Found on 2024-12-16 12:46

301 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65225cbcf982

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://aviqa1984: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@github.com/aviqa1984/qliq-backend.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "development"]
	remote = origin
	merge = refs/heads/development

Found on 2024-01-15 20:06

389 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652253ac81e7

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://aviqa1984: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@github.com/aviqa1984/qliq-backend.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2022-09-11 18:42

317 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 52.222.214.34
Domain: dev.qliq.bio
Port: 80
URL: http://dev.qliq.bio

First seen 2022-11-17 18:43
Last seen 2023-09-23 06:39
Open for 309 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772a068f0c5a3cc61532ba7245e44487958
```
Found 11 files trough .DS_Store spidering:

/asset-manifest.json
/assets
/assets/images
/assets/images/logos
/assets/images/logos/brand-logo.png
/assets/images/logos/logo.svg
/favicon.ico
/index.html
/manifest.json
/robots.txt
/static
```
  Found on 2022-11-17 18:43
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 52.222.214.9
Domain: dev.qliq.bio
Port: 443
URL: https://dev.qliq.bio

First seen 2022-11-17 18:43
Last seen 2023-10-11 03:22
Open for 327 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772a068f0c5a3cc61532ba7245e44487958
```
Found 11 files trough .DS_Store spidering:

/asset-manifest.json
/assets
/assets/images
/assets/images/logos
/assets/images/logos/brand-logo.png
/assets/images/logos/logo.svg
/favicon.ico
/index.html
/manifest.json
/robots.txt
/static
```
  Found on 2023-10-11 03:22
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 52.222.214.34
Domain: dev.qliq.bio
Port: 443
URL: https://dev.qliq.bio

First seen 2022-11-17 18:43
Last seen 2023-10-11 03:22
Open for 327 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65229b1332d0
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	ignorecase = true
	precomposeunicode = true
[remote "origin"]
	url = git@github.com:aviqa1984/qliq-react.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
```
  Found on 2023-10-11 03:22
  
  305 Bytes
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 52.222.214.105
Domain: dev.qliq.bio
Port: 80
URL: http://dev.qliq.bio

First seen 2022-11-17 18:43
Last seen 2023-09-23 06:39
Open for 309 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65229b1332d0
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	ignorecase = true
	precomposeunicode = true
[remote "origin"]
	url = git@github.com:aviqa1984/qliq-react.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
```
  Found on 2022-11-17 18:43
  
  305 Bytes
Create report

Domain summary

dev.qliq.bio 4 backend.dev.qliq.bio 3

2 recorded

IP summary

54.151.208.215 1 13.229.58.174 1 52.222.214.34 1 52.222.214.9 1 52.222.214.105 1

5 recorded

Domain dev.qliq.bio

Singapore

Git configuration and history exposed

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Domain summary

IP summary