LeakIX - Host dragon98.club

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 104.21.75.155
Domain: dragon98.club
Port: 443
URL: https://dragon98.club

First seen 2022-10-17 05:13
Last seen 2023-02-12 17:55
Open for 118 days

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba9188402036590051b414a37

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/6qCe9tWR/0/tx888/mgm/web-mobile.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_1ZMEdzy_StzzX2CVt_gh@gitlab.com/tx888/mgm/web-mobile.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2023-02-03 02:32

436 Bytes

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba918840203659005700c8aed

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/6qCe9tWR/0/tx888/mgm/web-mobile.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_mC8tVyNGpj4rQxjrHyd1@gitlab.com/tx888/mgm/web-mobile.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2023-01-17 02:14

436 Bytes

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba9188402036590057537cbf1

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/WfZQsuk4/0/tx888/dragon/web-mobile.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:JXmiBgSiZSbtzM4kpNyg@gitlab.com/tx888/dragon/web-mobile.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2022-10-17 05:13

439 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 172.67.178.109
Domain: dragon98.club
Port: 80
URL: http://dragon98.club

First seen 2023-01-17 02:14
Last seen 2023-02-12 17:55
Open for 26 days

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba9188402036590051b414a37

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/6qCe9tWR/0/tx888/mgm/web-mobile.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_1ZMEdzy_StzzX2CVt_gh@gitlab.com/tx888/mgm/web-mobile.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2023-02-03 02:32

436 Bytes

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba918840203659005700c8aed

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/6qCe9tWR/0/tx888/mgm/web-mobile.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_mC8tVyNGpj4rQxjrHyd1@gitlab.com/tx888/mgm/web-mobile.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2023-01-17 02:14

436 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 104.21.75.155
Domain: email-api.dragon98.club
Port: 443
URL: https://email-api.dragon98.club

First seen 2022-08-25 13:21
Last seen 2022-09-18 14:00
Open for 24 days

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba918840203659005e21f9d5e

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[http "https://gitlab.com"]
	sslCAInfo = /home/gitlab-runner/builds/sUFJt6Wh/0/tx888/dragon/email-api.tmp/CI_SERVER_TLS_CA_FILE
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:aJ9x7AL8-kFfDSw_A6Nc@gitlab.com/tx888/dragon/email-api.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2022-08-25 13:21

437 Bytes

Create report

Domain dragon98.club

Singapore

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Domain summary

IP summary