Host 194.95.207.181
Germany
Software information
Apache 2.4.65
tcp/443 tcp/80
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.IP: 194.95.207.181
Domain: pm.mebis.alp.dillingen.de
Port: 443
URL: https://pm.mebis.alp.dillingen.de/.git/configFirst seen 2021-09-04 00:16
Last seen 2026-01-02 09:33
Open for 1581 days-
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652285e03841
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/kanboard/kanboard.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Found on 2026-01-02 09:33265 Bytes
-
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
IP: 194.95.207.181
Domain: gitlab.mebis.alp.dillingen.de
Port: 443
URL: https://gitlab.mebis.alp.dillingen.deFirst seen 2025-11-19 11:40
Last seen 2026-01-02 07:33
Open for 43 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d603073f8703073f8703073f8703073f8703073f87GraphQL introspection enabled at /api/graphql Detected: GitLab
Found on 2026-01-02 07:33 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6GraphQL introspection enabled at /api/graphql
Found on 2025-12-06 19:01 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6fa8f57cf1f8f335de3915213dc94b0cbd146c80eGraphQL introspection enabled at /api/graphql Types: 1600 (by kind: ENUM: 183, INPUT_OBJECT: 305, INTERFACE: 26, OBJECT: 961, SCALAR: 117, UNION: 8) Operations: - Query: Query | fields: abuseReport, abuseReportLabels, adminGroups, adminProjects, auditEventDefinitions - Mutation: Mutation | fields: abuseReportLabelCreate, achievementsAward, achievementsCreate, achievementsDelete, achievementsRevoke - Subscription: Subscription | fields: ciJobProcessed, ciJobStatusUpdated, ciPipelineScheduleStatusUpdated, ciPipelineStatusUpdated, issuableAssigneesUpdated Directives: deprecated, gl_introduced, include, oneOf, skip, specifiedBy (total: 6)
Found on 2025-12-01 03:022.7 MBytes
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.First seen 2023-01-30 08:54
Last seen 2026-01-02 01:38
Open for 1067 days-
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652285e03841[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/kanboard/kanboard.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Found on 2026-01-02 01:38265 Bytes
-
-
Open service 194.95.207.181:443 · pm.mebis.alp.dillingen.de
2026-01-09 15:56
HTTP/1.1 302 Found Date: Fri, 09 Jan 2026 15:56:05 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=q9ljjck8rle7nf2r57iur5jcgu; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000 Location: /?controller=AuthController&action=login Strict-Transport-Security: max-age=15768000;includeSubdomains Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 13 hours ago by HttpPluginCreate report
-
Open service 194.95.207.181:80 · pm.mebis.alp.dillingen.de
2026-01-09 12:53
HTTP/1.1 302 Found Date: Fri, 09 Jan 2026 12:53:51 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=qqd9n419da7m2j06ml0vjfkeje; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Location: /?controller=AuthController&action=login Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 16 hours ago by HttpPluginCreate report
-
Open service 194.95.207.181:443 · gitlab.mebis.alp.dillingen.de
2026-01-09 07:26
HTTP/1.1 302 Found Date: Fri, 09 Jan 2026 07:26:33 GMT Server: Apache/2.4.65 (Debian) Cache-Control: no-cache Content-Length: 117 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Location: https://gitlab.mebis.alp.dillingen.de/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KEGTCQWAEF110HWNNZRR2T99","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KEGTCQWAEF110HWNNZRR2T99 X-Runtime: 0.020026 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000;includeSubdomains Connection: close <html><body>You are being <a href="https://gitlab.mebis.alp.dillingen.de/users/sign_in">redirected</a>.</body></html>Found 21 hours ago by HttpPluginCreate report
-
Open service 194.95.207.181:443 · pm.mebis.alp.dillingen.de
2026-01-02 09:33
HTTP/1.1 302 Found Date: Fri, 02 Jan 2026 09:33:42 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=jfkh1qmajnvjqs6sc8o73pej4t; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000 Location: /?controller=AuthController&action=login Strict-Transport-Security: max-age=15768000;includeSubdomains Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2026-01-02 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · gitlab.mebis.alp.dillingen.de
2026-01-02 07:33
HTTP/1.1 302 Found Date: Fri, 02 Jan 2026 07:33:50 GMT Server: Apache/2.4.65 (Debian) Cache-Control: no-cache Content-Length: 117 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Location: https://gitlab.mebis.alp.dillingen.de/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KDYT10VFQXPBPEEC44Y6HDWP","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KDYT10VFQXPBPEEC44Y6HDWP X-Runtime: 0.021396 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000;includeSubdomains Connection: close <html><body>You are being <a href="https://gitlab.mebis.alp.dillingen.de/users/sign_in">redirected</a>.</body></html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 194.95.207.181:80 · pm.mebis.alp.dillingen.de
2026-01-02 01:38
HTTP/1.1 302 Found Date: Fri, 02 Jan 2026 01:38:28 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=h2teg50f7ugrg4ijfbtkjja0l5; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Location: /?controller=AuthController&action=login Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2026-01-02 by HttpPluginCreate report
-
Open service 194.95.207.181:80 · pm.mebis.alp.dillingen.de
2025-12-30 12:33
HTTP/1.1 302 Found Date: Tue, 30 Dec 2025 12:33:40 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=fdbp8cnbsb5crf6lc0r036ej2f; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Location: /?controller=AuthController&action=login Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2025-12-30 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · gitlab.mebis.alp.dillingen.de
2025-12-23 06:23
HTTP/1.1 302 Found Date: Tue, 23 Dec 2025 06:23:24 GMT Server: Apache/2.4.65 (Debian) Cache-Control: no-cache Content-Length: 117 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Location: https://gitlab.mebis.alp.dillingen.de/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KD4Y0WNF1K9KAG35HW3N8860","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KD4Y0WNF1K9KAG35HW3N8860 X-Runtime: 0.020863 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000;includeSubdomains Connection: close <html><body>You are being <a href="https://gitlab.mebis.alp.dillingen.de/users/sign_in">redirected</a>.</body></html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · pm.mebis.alp.dillingen.de
2025-12-22 23:55
HTTP/1.1 302 Found Date: Mon, 22 Dec 2025 23:55:37 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=eohv5285cvoa1urg4v98k487u6; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000 Location: /?controller=AuthController&action=login Strict-Transport-Security: max-age=15768000;includeSubdomains Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2025-12-22 by HttpPluginCreate report
-
Open service 194.95.207.181:80 · pm.mebis.alp.dillingen.de
2025-12-22 08:02
HTTP/1.1 302 Found Date: Mon, 22 Dec 2025 08:02:39 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=qlknmk30mtbha19lcpduv558sb; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Location: /?controller=AuthController&action=login Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2025-12-22 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · gitlab.mebis.alp.dillingen.de
2025-12-21 07:50
HTTP/1.1 302 Found Date: Sun, 21 Dec 2025 07:50:56 GMT Server: Apache/2.4.65 (Debian) Cache-Control: no-cache Content-Length: 117 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Location: https://gitlab.mebis.alp.dillingen.de/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KCZY7PTN7HE0MN18XD94NH0K","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KCZY7PTN7HE0MN18XD94NH0K X-Runtime: 0.019392 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000;includeSubdomains Connection: close <html><body>You are being <a href="https://gitlab.mebis.alp.dillingen.de/users/sign_in">redirected</a>.</body></html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 194.95.207.181:80 · pm.mebis.alp.dillingen.de
2025-12-20 06:51
HTTP/1.1 302 Found Date: Sat, 20 Dec 2025 06:51:26 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=shijbhqogec3li3bq0ef7p6025; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Location: /?controller=AuthController&action=login Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2025-12-20 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · pm.mebis.alp.dillingen.de
2025-12-20 05:31
HTTP/1.1 302 Found Date: Sat, 20 Dec 2025 05:31:43 GMT Server: Apache/2.4.65 (Debian) Set-Cookie: KB_SID=s7nabjtpjdcb08nut48l74ba2l; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000 Location: /?controller=AuthController&action=login Strict-Transport-Security: max-age=15768000;includeSubdomains Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
Found 2025-12-20 by HttpPluginCreate report
-
Open service 194.95.207.181:443 · gitlab.mebis.alp.dillingen.de
2025-12-19 09:30
HTTP/1.1 302 Found Date: Fri, 19 Dec 2025 09:30:55 GMT Server: Apache/2.4.65 (Debian) Cache-Control: no-cache Content-Length: 117 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Location: https://gitlab.mebis.alp.dillingen.de/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KCTZ5C073HYS5AH5E39S9TPA","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KCTZ5C073HYS5AH5E39S9TPA X-Runtime: 0.018250 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000;includeSubdomains Connection: close <html><body>You are being <a href="https://gitlab.mebis.alp.dillingen.de/users/sign_in">redirected</a>.</body></html>Found 2025-12-19 by HttpPluginCreate report