LeakIX - Host gac.org

Domain gac.org

United States

CLOUDFLARENET

Ubuntu

Software information

Apache Apache 2.4.58

tcp/80

cloudflare

tcp/443 tcp/80 tcp/8443

nginx nginx

tcp/443 tcp/80

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 50.202.118.222
Domain: moodle.gac.org
Port: 443
URL: https://moodle.gac.org

First seen 2023-03-27 02:10
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652214087f16
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git://git.moodle.org/moodle.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "MOODLE_401_STABLE"]
	remote = origin
	merge = refs/heads/MOODLE_401_STABLE
```
  Found on 2023-03-27 02:10
  
  340 Bytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 50.202.118.246
Domain: deploydatasrv.gac.org
Port: 443
URL: https://deploydatasrv.gac.org

First seen 2023-01-09 23:47
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0fc7f201b0371e4f7826238f1626238f16
```
Found 3 files trough .DS_Store spidering:

/50x.html
/CasperShare
/index.html
```
  Found on 2023-01-09 23:47
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 50.202.118.222
Domain: moodle.gac.org
Port: 80
URL: http://moodle.gac.org

First seen 2023-03-27 02:10
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652214087f16
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git://git.moodle.org/moodle.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "MOODLE_401_STABLE"]
	remote = origin
	merge = refs/heads/MOODLE_401_STABLE
```
  Found on 2023-03-27 02:10
  
  340 Bytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 50.202.118.246
Domain: deploydatasrv.gac.org
Port: 80
URL: http://deploydatasrv.gac.org

First seen 2023-01-09 23:47
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0fc7f201b0371e4f7826238f1626238f16
```
Found 3 files trough .DS_Store spidering:

/50x.html
/CasperShare
/index.html
```
  Found on 2023-01-09 23:47
Create report

Open service 3.210.63.62:443 · spartanstore.gac.org

2026-01-23 17:47

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Jan 2026 17:47:17 GMT
Content-Type: text/html;  charset=utf-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff

Found 2026-01-23 by HttpPlugin

Create report

Open service 3.210.63.62:80 · www.spartanstore.gac.org

2026-01-23 17:47

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 17:47:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.spartanstore.gac.org/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 3.210.63.62:443 · www.spartanstore.gac.org

2026-01-23 17:47

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Jan 2026 17:47:14 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://spartanstore.gac.org/
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff

Page title: 302 Found

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 3.210.63.62:80 · spartanstore.gac.org

2026-01-23 17:47

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 17:47:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://spartanstore.gac.org/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 50.202.118.182:80 · forms.gac.org

2026-01-23 01:47

HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 01:47:50 GMT
Server: Apache/2.4.58 (Ubuntu)
Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 03 May 2024 00:50:08 GMT
ETag: "10-6178219f3ea87"
Accept-Ranges: bytes
Content-Length: 16
Connection: close
Content-Type: text/html


GAC Forms Server

Found 2026-01-23 by HttpPlugin

Create report

Open service 104.17.69.73:443 · gac.org

2026-01-22 14:15

HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Jan 2026 14:15:11 GMT
Content-Length: 0
Connection: close
CF-RAY: 9c1fa9760b09a043-FRA
Location: https://www.greateratlantachristian.org/
Strict-Transport-Security: max-age=31536000
Set-Cookie: __cfruid=4c69124c6c8aee0df472183cb26c3f8277678824-1769091311; path=/; domain=.gac.org; HttpOnly; Secure; SameSite=None
Server: cloudflare
alt-svc: h3=":443"; ma=86400

Found 2026-01-22 by HttpPlugin

Create report

Open service 104.17.69.73:8443 · gac.org

2026-01-22 14:15

HTTP/1.1 403 Forbidden
Date: Thu, 22 Jan 2026 14:15:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-RAY: 9c1fa975add641e9-EWR
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Strict-Transport-Security: max-age=31536000
Set-Cookie: __cfruid=8a1d2b77d92f4f6c2ee47330b229e17929c8157f-1769091310; path=/; domain=.gac.org; HttpOnly; Secure; SameSite=None
Server: cloudflare
alt-svc: h3=":8443"; ma=86400

Page title: Attention Required! | Cloudflare

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>


<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->


</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> finalsitecdn.com</h2>
      </div><!-- /.header -->

      <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">
            
              <span class="cf-no-screenshot error"></span>
            
          </div>
        </div>
      </div><!-- /.captcha-container -->

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

      <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
  <p class="text-13">
    <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">9c1fa975add641e9</strong></span>
    <span class="cf-footer-separator sm:hidden">&bull;</span>
    <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1">
      Your IP:
      <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
      <span class="hidden" id="cf-footer-ip">167.71.175.236</span>
      <span class="cf-footer-separator sm:hidden">&bull;</span>
    </span>
    <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
    
  </p>
  <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.cla

Found 2026-01-22 by HttpPlugin

Create report

Open service 104.17.69.73:80 · gac.org

2026-01-22 14:15

HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Jan 2026 14:15:10 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Cache-Control: max-age=3600
Expires: Thu, 22 Jan 2026 15:15:10 GMT
Location: https://gac.org/
Set-Cookie: __cfruid=e9d6cb7acf87282ac7811a36df2e9d0f6e1cf8c0-1769091310; path=/; domain=.gac.org; HttpOnly
Server: cloudflare
CF-RAY: 9c1fa9754fc5d359-FRA
alt-svc: h3=":443"; ma=86400

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

Found 2026-01-22 by HttpPlugin