nginx
tcp/443 tcp/80
The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522d75591bf
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/MontanaBanana/app.tryp.ly fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master [branch "dev"] remote = origin merge = refs/heads/dev [branch "feature/TRYPLY01H-501"] remote = origin merge = refs/heads/feature/TRYPLY01H-501 [branch "feature/TRYPLY01H-555"] remote = origin merge = refs/heads/feature/TRYPLY01H-555 [branch "feature/TRYPLY01H-559"] remote = origin merge = refs/heads/feature/TRYPLY01H-559 [branch "feature/TRYPLY01H-562"] remote = origin merge = refs/heads/feature/TRYPLY01H-562 [branch "feature/Pin-Interactions"] remote = origin merge = refs/heads/feature/Pin-Interactions [branch "feature/TRYPLY01H-601"] remote = origin merge = refs/heads/feature/TRYPLY01H-601 [branch "feature/TRYPLY01H-640"] remote = origin merge = refs/heads/feature/TRYPLY01H-640 [branch "feature/TRYPLY01H-650"] remote = origin merge = refs/heads/feature/TRYPLY01H-650 [branch "feature/TRYPLY01H-662"] remote = origin merge = refs/heads/feature/TRYPLY01H-662
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e2211004
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/MontanaBanana/app.tryp.ly fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master [branch "dev"] remote = origin merge = refs/heads/dev [branch "feature/TRYPLY01H-501"] remote = origin merge = refs/heads/feature/TRYPLY01H-501 [branch "feature/TRYPLY01H-555"] remote = origin merge = refs/heads/feature/TRYPLY01H-555 [branch "feature/TRYPLY01H-559"] remote = origin merge = refs/heads/feature/TRYPLY01H-559 [branch "feature/TRYPLY01H-562"] remote = origin merge = refs/heads/feature/TRYPLY01H-562 [branch "feature/Pin-Interactions"] remote = origin merge = refs/heads/feature/Pin-Interactions [branch "feature/TRYPLY01H-601"] remote = origin merge = refs/heads/feature/TRYPLY01H-601 [branch "feature/TRYPLY01H-640"] remote = origin merge = refs/heads/feature/TRYPLY01H-640 [branch "feature/TRYPLY01H-650"] remote = origin merge = refs/heads/feature/TRYPLY01H-650
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522fe65cbe7
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/MontanaBanana/app.tryp.ly fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master [branch "dev"] remote = origin merge = refs/heads/dev [branch "feature/TRYPLY01H-501"] remote = origin merge = refs/heads/feature/TRYPLY01H-501
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223790bebc
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/MontanaBanana/app.tryp.ly fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master [branch "dev"] remote = origin merge = refs/heads/dev
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652245bfbed5
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/MontanaBanana/app.tryp.ly fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 52.1.217.214:443 · tryply.montanab.com
2026-01-22 21:43
HTTP/1.1 500 Internal Server Error Server: nginx Date: Thu, 22 Jan 2026 21:43:51 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.0.30
Open service 52.1.217.214:443 · tryply.montanab.com
2026-01-13 00:03
HTTP/1.1 500 Internal Server Error Server: nginx Date: Tue, 13 Jan 2026 00:03:59 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.0.30
Open service 52.1.217.214:80 · tryply.montanab.com
2026-01-13 00:03
HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 13 Jan 2026 00:03:58 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://tryply.montanab.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>