LeakIX - Host non-24.de

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.92
Domain: non-24.de
Port: 443
URL: https://non-24.de

First seen 2023-04-16 00:22
Last seen 2025-04-10 04:51
Open for 725 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a28063be71c13d2af09307647e453d70d

Found 19 files trough .DS_Store spidering:

/comments
/comments/feed
/favicon.ico
/feed
/img
/wp-content
/wp-content/plugins
/wp-content/plugins/contact-form-7
/wp-content/plugins/contact-form-7/images
/wp-content/plugins/contact-form-7/includes
/wp-content/plugins/cookie-notice
/wp-content/plugins/slimpack
/wp-content/plugins/video-embed-thumbnail-generator
/wp-content/themes
/wp-content/uploads
/wp-includes
/wp-includes/wlwmanifest.xml
/wp-json
/xmlrpc.php

Found on 2025-04-10 04:51

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447d5175b40a93382b49b1335e40f4e1169

Found 18 files trough .DS_Store spidering:

/comments
/comments/feed
/favicon.ico
/feed
/img
/wp-content
/wp-content/plugins
/wp-content/plugins/contact-form-7
/wp-content/plugins/contact-form-7/images
/wp-content/plugins/contact-form-7/includes
/wp-content/plugins/cookie-notice
/wp-content/plugins/slimpack
/wp-content/plugins/video-embed-thumbnail-generator
/wp-content/themes
/wp-content/uploads
/wp-includes
/wp-json
/xmlrpc.php

Found on 2024-05-27 19:27

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.92
Domain: www.non-24.de
Port: 443
URL: https://www.non-24.de

First seen 2023-04-16 00:22
Last seen 2025-04-06 03:22
Open for 721 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a28063be71c13d2af09307647e453d70d

Found 19 files trough .DS_Store spidering:

/comments
/comments/feed
/favicon.ico
/feed
/img
/wp-content
/wp-content/plugins
/wp-content/plugins/contact-form-7
/wp-content/plugins/contact-form-7/images
/wp-content/plugins/contact-form-7/includes
/wp-content/plugins/cookie-notice
/wp-content/plugins/slimpack
/wp-content/plugins/video-embed-thumbnail-generator
/wp-content/themes
/wp-content/uploads
/wp-includes
/wp-includes/wlwmanifest.xml
/wp-json
/xmlrpc.php

Found on 2025-04-06 03:22

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447d5175b40a93382b49b1335e40f4e1169

Found 18 files trough .DS_Store spidering:

/comments
/comments/feed
/favicon.ico
/feed
/img
/wp-content
/wp-content/plugins
/wp-content/plugins/contact-form-7
/wp-content/plugins/contact-form-7/images
/wp-content/plugins/contact-form-7/includes
/wp-content/plugins/cookie-notice
/wp-content/plugins/slimpack
/wp-content/plugins/video-embed-thumbnail-generator
/wp-content/themes
/wp-content/uploads
/wp-includes
/wp-json
/xmlrpc.php

Found on 2024-08-18 10:20

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 13.224.189.101
Domain: www.non-24.de
Port: 443
URL: https://www.non-24.de

First seen 2023-02-14 08:03
Last seen 2023-02-14 08:03

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65225b3f5b3a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://aallur1: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@github.com/VandaPharma/non-24.de.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2023-02-14 08:03

318 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 13.224.189.12
Domain: non-24.de
Port: 443
URL: https://non-24.de

First seen 2023-02-14 08:03

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65225b3f5b3a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://aallur1: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@github.com/VandaPharma/non-24.de.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2023-02-14 08:03

318 Bytes

Create report

Domain non-24.de

United States

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Domain summary

IP summary