nginx 1.18.0
tcp/443 tcp/80
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652290f430c7
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = ssh://git@172.26.12.69/administration/isvm.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652290f430c7
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = ssh://git@172.26.12.69/administration/isvm.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-12 18:35
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Wed, 12 Jun 2024 18:35:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=gMHCC2CIkjmV61WCgkGN3C44tEAYHUv5; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-12 11:34
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Wed, 12 Jun 2024 11:34:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=0aCCko4o7ZNv00aRdTZLH7FUIuU8IDPJ; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-10 18:56
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Mon, 10 Jun 2024 18:56:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=eAx5ywYzeO2jtrL7gEDLLLw12733ZbSR; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-10 10:22
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Mon, 10 Jun 2024 10:22:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=LdFuSXT7YTVHLgdZ7hdLNdDNBucoQYp6; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-08 18:02
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sat, 08 Jun 2024 18:02:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=80aihIlQZjHU1rJDJf02IHrRUbBYBJ1e; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-08 17:30
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sat, 08 Jun 2024 17:30:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=YY9twibPnZIF1DMl7fIsIlTFBNk2LMVp; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-06 16:23
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 06 Jun 2024 16:23:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=d5KeDFkRsxE5Ze2jtnQllS47icKB5Lxv; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-06 02:00
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 06 Jun 2024 02:00:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=lzFvLuvEvB6qIjLnkTNPruxdOBaKuLwi; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-04 15:38
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Tue, 04 Jun 2024 15:38:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=9u1ZUEtEUykSPBiGBrEliRwULlml3Y80; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-04 10:35
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Tue, 04 Jun 2024 10:35:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=sjnJDJkiilQqSxMYDshmN4U9lc9M0bFy; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-06-02 10:56
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sun, 02 Jun 2024 10:56:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=gjEsKcOrz91mA8vHsIq6AA6idj8d8WyR; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-06-02 10:08
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sun, 02 Jun 2024 10:08:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=b9DwP7BQ0Y8jLITExbH0lB1Ys4jJNiiu; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-05-30 06:48
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 30 May 2024 06:48:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=7BQM0ctZaKMS7f2rwpHHl56pQjRIfT2C; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-05-30 06:35
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 30 May 2024 06:35:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=nd6s48dQD7Lp3j5ECPV7euUM2gb42ROi; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-05-29 09:16
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Wed, 29 May 2024 09:16:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=9SscJFNxIN0GC1lrpDU2q4OtECLVP4vs; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-05-29 08:47
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Wed, 29 May 2024 08:47:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=Kj0xzTVH1Zj04qOO3VBxAxQ2Ex5sDGD6; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-05-28 22:54
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Tue, 28 May 2024 22:54:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=cwLCHkxvvhF7m2KQ04u50cOXu62bXWVq; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:443 · isvm.dev.wepromo.ru
2024-05-28 13:56
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Tue, 28 May 2024 13:56:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=alt86ZAikITiAIU9YPwylHgEozGMnZD7; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Open service 31.173.4.49:80 · isvm.dev.wepromo.ru
2024-05-27 19:34
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Mon, 27 May 2024 19:34:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS: Bitrix Site Manager (0fb507e01b3e89e0d00a500706b8767d) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Bitrix-Ajax-Status: Authorize Set-Cookie: PHPSESSID=rhaglU2Ktw0q0N6azZihDGPoqQPp3mZe; path=/; HttpOnly Vary: Accept-Encoding Strict-Transport-Security: max-age=63072000; includeSubdomains; preload