LeakIX - Host uat4.realcube.estate

Domain uat4.realcube.estate

United States

Akamai International B.V.

Software information

AkamaiGHost

tcp/80

nginx nginx

tcp/443 tcp/80

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 18.225.21.134
Domain: uat4.realcube.estate
Port: 443
URL: https://uat4.realcube.estate

First seen 2024-07-30 11:56
Last seen 2025-11-30 16:35
Open for 488 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044bcbb9f9adb89503bfca4395b5c3ba1d5

[core]
	repositoryformatversion = 0
	fileMode = false
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/realcube-edge.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new

Found on 2025-11-30 16:35

358 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652221fde764

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/realcube-edge.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new

Found on 2025-01-10 07:51

357 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522438cbd3a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/cube.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "stagging_new_core"]
	remote = origin
	merge = refs/heads/stagging_new_core
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new
[branch "aldar_apis"]
	remote = origin
	merge = refs/heads/aldar_apis

Found on 2024-08-04 23:03

506 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 18.225.21.134
Domain: uat4.realcube.estate
Port: 80
URL: http://uat4.realcube.estate

First seen 2024-07-30 11:56
Last seen 2026-01-02 11:02
Open for 520 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044bcbb9f9adb89503bfca4395b5c3ba1d5

[core]
	repositoryformatversion = 0
	fileMode = false
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/realcube-edge.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new

Found on 2026-01-02 11:02

358 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652221fde764

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/realcube-edge.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new

Found on 2025-01-08 22:05

357 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522438cbd3a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://codehub.exalogic.co/exalogic-web-app/cube.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "stagging_new_core"]
	remote = origin
	merge = refs/heads/stagging_new_core
[branch "stagging_new"]
	remote = origin
	merge = refs/heads/stagging_new
[branch "aldar_apis"]
	remote = origin
	merge = refs/heads/aldar_apis

Found on 2024-08-04 18:52

506 Bytes

Create report

Open service 18.225.21.134:80 · uat4.realcube.estate

2026-01-09 04:27

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jan 2026 04:21:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
Set-Cookie: ci_sessions=g2pni4fnqs5nlf1qf38qou1i79hgvbir; expires=Fri, 09-Jan-2026 06:21:24 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

Page title: Login to Provis

<!DOCTYPE html>
<style type="text/css">
 
</style>
<html lang="en">

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="Modern Admin" content="The most complete & feature packed bootstrap 4 admin template of 2018!">
    <meta name="keywords" content=" admin, admin dashboard, admin template, admin theme, bitcoin, bootstrap, bootstrap 4, bootstrap admin, bootstrap admin template, bootstrap admin theme, bootstrap dashboard, crypto cards, crypto dashboard, dashboard template, responsive">
    <title>Login to Provis</title>
    <link rel="apple-touch-icon" sizes="76x76" href="http://uat4.realcube.estate//theme/provisUI/img/provis-iconmark.png">
    <link rel="icon" href="http://uat4.realcube.estate//theme/provisUI/img/provis-iconmark.png" sizes="32x32">
    <link href="https://fonts.googleapis.com/css?family=Tajawal:400,500,700" rel="stylesheet">
    <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link rel="stylesheet" type="text/css" href="http://uat4.realcube.estate//theme/provisUI/css/sb-admin-2.min.css?v=83">
    <link rel="stylesheet" type="text/css" href="http://uat4.realcube.estate//theme/provisUI/css/style.css?v=83">


    <!-- Google Tag Manager -->
    <!-- <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
        })(window,document,'script','dataLayer','GTM-NR2GPHJ');</script> -->
    <!-- End Google Tag Manager -->


    <!-- Tag for Activity Group: Login Success, Activity Name: Provis_Portal_Login Success_EN, Activity ID: 8965252 -->
    <!-- Expected URL: https://myportal.provis.ae/login (After Successful Login)-->

    <!--
    Activity ID: 8965252
    Activity Name: Provis_Portal_Login Success_EN
    Activity Group Name: Login Success
    -->

    <!--
    Start of global snippet: Please do not remove
    Place this snippet between the <head> and </head> tags on every page of your site.
    -->
    <!-- Global site tag (gtag.js) - Google Marketing Platform -->
    <!-- <script async src="https://www.googletagmanager.com/gtag/js?id=DC-9200188"></script>
    <script>
        window.dataLayer = window.dataLayer || [];
        function gtag(){dataLayer.push(arguments);}
        gtag('js', new Date());

        gtag('config', 'DC-9200188');
    </script> -->
    <!-- End of global snippet: Please do not remove -->

    <!-- Facebook Pixel Code -->
    <script>
        !function(f,b,e,v,n,t,s)
        {if(f.fbq)return;n=f.fbq=function(){n.callMethod?
            n.callMethod.apply(n,arguments):n.queue.push(arguments)};
            if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';
            n.queue=[];t=b.createElement(e);t.async=!0;
            t.src=v;s=b.getElementsByTagName(e)[0];
            s.parentNode.insertBefore(t,s)}(window, document,'script',
            'https://connect.facebook.net/en_US/fbevents.js');
        fbq('init', '711566605911691');
        fbq('track', 'PageView');
    </script>
<!-- <script src="https://www.google.com/recaptcha/api.js?onload=checkGrecaptchaToLoad&render=explicit" async defer></script> -->
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
 <script>
function onSubmit(token) {
    encryptData();
    document.getElementById("login_form").submit();
}
</script>

    <noscript>
        <img height="1" width="1" style="display:none"
                   src="https://www.facebook.com/tr?id=711566605911691&ev=PageView&noscript=1"
        /></noscript>
    <!-- End Facebook Pixel Code -->
</head>
<body>
    <!-- Google Tag Manager (noscript) -->
    <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-NR2GPHJ"
                      height="0" width="0" st

Found 2026-01-09 by HttpPlugin

Create report

Open service 18.225.21.134:443 · uat4.realcube.estate

2026-01-08 19:03

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Jan 2026 18:56:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
Set-Cookie: ci_sessions=vsvvp16snc33od88gb9o4ua6q83kroq3; expires=Thu, 08-Jan-2026 20:56:56 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; frame-src 'unsafe-inline' 'self' none https://uat4.realcube.estate  https://livesit.aldar.com https://livepreprod.aldar.com https://liveuat.aldar.com https://khidmah.com.edgekey.net https://www.gstatic.com https://www.google.com atlassian-companion:; img-src 'self' data: https:; media-src https://res.cloudinary.com; style-src * 'unsafe-inline' https://www.googletagmanager.com; script-src * 'unsafe-inline' https://www.quantummetric.com https://fonts.googleapis.com https://connect.facebook.net https://ingest.quantummetric.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com; font-src * 'unsafe-inline' data:

Page title: Login to Provis

<!DOCTYPE html>
<style type="text/css">
 
</style>
<html lang="en">

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="Modern Admin" content="The most complete & feature packed bootstrap 4 admin template of 2018!">
    <meta name="keywords" content=" admin, admin dashboard, admin template, admin theme, bitcoin, bootstrap, bootstrap 4, bootstrap admin, bootstrap admin template, bootstrap admin theme, bootstrap dashboard, crypto cards, crypto dashboard, dashboard template, responsive">
    <title>Login to Provis</title>
    <link rel="apple-touch-icon" sizes="76x76" href="https://uat4.realcube.estate//theme/provisUI/img/provis-iconmark.png">
    <link rel="icon" href="https://uat4.realcube.estate//theme/provisUI/img/provis-iconmark.png" sizes="32x32">
    <link href="https://fonts.googleapis.com/css?family=Tajawal:400,500,700" rel="stylesheet">
    <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link rel="stylesheet" type="text/css" href="https://uat4.realcube.estate//theme/provisUI/css/sb-admin-2.min.css?v=83">
    <link rel="stylesheet" type="text/css" href="https://uat4.realcube.estate//theme/provisUI/css/style.css?v=83">


    <!-- Google Tag Manager -->
    <!-- <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
        })(window,document,'script','dataLayer','GTM-NR2GPHJ');</script> -->
    <!-- End Google Tag Manager -->


    <!-- Tag for Activity Group: Login Success, Activity Name: Provis_Portal_Login Success_EN, Activity ID: 8965252 -->
    <!-- Expected URL: https://myportal.provis.ae/login (After Successful Login)-->

    <!--
    Activity ID: 8965252
    Activity Name: Provis_Portal_Login Success_EN
    Activity Group Name: Login Success
    -->

    <!--
    Start of global snippet: Please do not remove
    Place this snippet between the <head> and </head> tags on every page of your site.
    -->
    <!-- Global site tag (gtag.js) - Google Marketing Platform -->
    <!-- <script async src="https://www.googletagmanager.com/gtag/js?id=DC-9200188"></script>
    <script>
        window.dataLayer = window.dataLayer || [];
        function gtag(){dataLayer.push(arguments);}
        gtag('js', new Date());

        gtag('config', 'DC-9200188');
    </script> -->
    <!-- End of global snippet: Please do not remove -->

    <!-- Facebook Pixel Code -->
    <script>
        !function(f,b,e,v,n,t,s)
        {if(f.fbq)return;n=f.fbq=function(){n.callMethod?
            n.callMethod.apply(n,arguments):n.queue.push(arguments)};
            if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';
            n.queue=[];t=b.createElement(e);t.async=!0;
            t.src=v;s=b.getElementsByTagName(e)[0];
            s.parentNode.insertBefore(t,s)}(window, document,'script',
            'https://connect.facebook.net/en_US/fbevents.js');
        fbq('init', '711566605911691');
        fbq('track', 'PageView');
    </script>
<!-- <script src="https://www.google.com/recaptcha/api.js?onload=checkGrecaptchaToLoad&render=explicit" async defer></script> -->
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
 <script>
function onSubmit(token) {
    encryptData();
    document.getElementById("login_form").submit();
}
</script>

    <noscript>
        <img height="1" width="1" style="display:none"
                   src="https://www.facebook.com/tr?id=711566605911691&ev=PageView&noscript=1"
        /></noscript>
    <!-- End Facebook Pixel Code -->
</head>
<body>
    <!-- Google Tag Manager (noscript) -->
    <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-NR2GPHJ"
                      height="0" width="0

Found 2026-01-08 by HttpPlugin