LeakIX - Host stgfile.nw18.com

Domain stgfile.nw18.com

Germany

Akamai International B.V.

Ubuntu

Software information

AkamaiGHost

tcp/443 tcp/80

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 23.53.40.10
Domain: stgfile.nw18.com
Port: 443
URL: https://stgfile.nw18.com

First seen 2024-03-11 09:20
Last seen 2024-11-04 14:52
Open for 238 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522d8951c9e

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitdeployment:GitDepL0yment@gitlab.network18tech.com/platform/file18-desktop.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "staging"]
	remote = origin
	merge = refs/heads/staging

Found on 2024-11-04 14:52

315 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522c2d34ed9

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://gitdeployment:GitDepL0yment@git.active18.com/news18/microsites_cms.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "stg"]
	remote = origin
	merge = refs/heads/stg

Found on 2024-10-16 14:53

296 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220eae6b15

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://gitdeployment:GitDepL0yment@git.active18.com/firstpost/firstpost_cms.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master_multi_gcp"]
	remote = origin
	merge = refs/heads/master_multi_gcp

Found on 2024-08-10 16:27

324 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220b12e6e4

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://gitdeployment:GitDepL0yment@git.active18.com/platform/file18-desktop.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "staging"]
	remote = origin
	merge = refs/heads/staging

Found on 2024-08-02 16:00

306 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522ff018176

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://gitdeployment:GitDepL0yment@git.active18.com/platform/file18-desktop.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "stg"]
	remote = origin
	merge = refs/heads/stg

Found on 2024-06-12 02:46

298 Bytes

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652212fd2bae

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://gitdeployment:GitDepL0yment@git.active18.com/platform/file18-desktop.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2024-03-11 09:20

304 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 23.53.40.10
Domain: stgfile.nw18.com
Port: 443
URL: https://stgfile.nw18.com

First seen 2024-10-16 14:53

Severity: medium
Fingerprint: 5f32cf5d6962f09c70ba7b5770ba7b57e0f1e2150dfa676f063053709bbbe54f

Found 54 files trough .DS_Store spidering:

/;
/allkeys.php
/amazon-associate-dashboard
/check-aws-redis.php
/composer.json
/composer.lock
/copy-dc-to-cloud.php
/crons
/customs
/db-config.php
/digital-first
/export-data.php
/external
/Fluid ROS Tags.txt
/includes
/index.php
/license.txt
/light_edit.php
/migration
/nbproject
/News18-5xx-24hr.csv
/predis
/prj-prod-svc-news18-engb4-d33ad50b03ee.json
/prj-stg-svc-news1847-1280cc5ebd0d.json
/readme.html
/redis-migrate-aws-key-wise.php
/redis_cluster_dir
/remove_tags_td.csv
/save-redis.php
/table.php
/test-redis-value.php
/test_redis.php
/update_panni_redis_v2.php
/update_sii_redis.php
/user_update.php
/vendor
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config-sample.php
/wp-config.php
/wp-content
/wp-content_pushimp
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php

Found on 2024-10-16 14:53

Create report

Open service 2.16.206.137:80 · stgfile.nw18.com

2026-01-08 14:49

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 370
Expires: Thu, 08 Jan 2026 14:49:49 GMT
Date: Thu, 08 Jan 2026 14:49:49 GMT
Connection: close
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;stgfile&#46;nw18&#46;com&#47;" on this server.<P>
Reference&#32;&#35;18&#46;89cd1002&#46;1767883789&#46;7e04bcb3
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;89cd1002&#46;1767883789&#46;7e04bcb3</P>
</BODY>
</HTML>