LeakIX - Host 52.6.18.78

Host 52.6.18.78

United States

AMAZON-AES

Ubuntu

Software information

awselb awselb 2.0

tcp/80

nginx nginx

tcp/443

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 52.6.18.78
Domain: devderek.com.co
Port: 443
URL: https://devderek.com.co

First seen 2023-02-23 09:14
Last seen 2024-04-08 06:49
Open for 409 days

Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220f794b30

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://lizmanchego@bitbucket.org/baguerweb/web-derek.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "develop"]
	remote = origin
	merge = refs/heads/develop

Found on 2024-04-08 06:49

346 Bytes

Severity: high
Fingerprint: 2580fa947e78dd08e645819d5824ae6e78b8902bc39bee77da0ebf04635cdb1f

HTTP/1.1 200 OK
Date: Tue, 09 May 2023 03:40:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Page title: Tienda Derek[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://lizmanchego@bitbucket.org/baguerweb/web-derek.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "develop"]
	remote = origin
	merge = refs/heads/develop

Found on 2023-05-09 03:40

346 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 52.6.18.78
Port: 443
URL: https://52.6.18.78

First seen 2023-05-18 02:26
Last seen 2023-05-25 17:03
Open for 7 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38cb828adac124967581c201a6e
```
Found 4 files trough .DS_Store spidering:

/assets
/css
/img
/js
```
  Found on 2023-05-18 02:26
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 52.6.18.78
Port: 443
URL: https://52.6.18.78

First seen 2023-05-18 02:26
Last seen 2023-05-25 17:03
Open for 7 days
- Severity: high
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224251d006
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://lizmanchego@bitbucket.org/baguerweb/web-stirpe.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "develop"]
	remote = origin
	merge = refs/heads/develop
```
  Found on 2023-05-18 02:26
  
  347 Bytes
Create report

Open service 52.6.18.78:443

2024-06-14 06:11

HTTP/1.1 200 OK
Date: Fri, 14 Jun 2024 06:11:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Server: nginx
X-Powered-By: PHP/8.2.10
Cache-Control: no-cache, private
Set-Cookie: october_session=eyJpdiI6IndvR2p4MkRsVWgvcFFQRzNsTUNtcEE9PSIsInZhbHVlIjoiNWdhZFZ3TkQyOFlpNS95OFB1b09VblhWTEpOdFRCUVpLNEV0TWpuVE5CSUdEY3prdFgrQk5Rc3JhZGtaTnVhd2VmU3ZZWnl3bUFvdFBtdlg4T08vSlQxYzZOaVpuMlZyb2tJRGRsTlRjYmxDQkhpK3htTWZpYktJMVh2Wmc4WVciLCJtYWMiOiIyMGY5ZDA1NWRiNjJiODZjNzcyMGMwZmQwZjk0OWRhMzEwNmU3YzQxMTkyMzMzODM0ZmI4MzBhNDc1YWZkMGYyIiwidGFnIjoiIn0%3D; expires=Fri, 14 Jun 2024 08:11:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax

Found 2 days ago by HttpPlugin

Create report

Open service 52.6.18.78:80

2024-06-13 23:09

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 13 Jun 2024 23:09:34 GMT
Content-Type: text/html
Content-Length: 134
Connection: close
Location: https://52.6.18.78:443/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>

Found 2 days ago by HttpPlugin

Create report

Open service 52.6.18.78:443 · devderek.com.co

2024-06-03 23:39

HTTP/1.1 200 OK
Date: Mon, 03 Jun 2024 23:39:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Server: nginx
X-Powered-By: PHP/8.2.10
Cache-Control: no-cache, private
Set-Cookie: october_session=eyJpdiI6Ikg5UVFnZ1VsYit4d3dqbGZFN1h5a0E9PSIsInZhbHVlIjoiUmczSTBXamt0alo5UmpoR2Nhem42Z0ZhYTdlN0JQbEVINnU4SFJ4WGVQd1JwcWFkL24xRUhJS21NbVVCb1VnZjZ3U0FpOHcwRXI3eHBQYjIxd0lPTnhRSy9oaXlINlRIek1MUzNDSEd2ZjBYNTdZc2NQY0N6LzNhZE13dmFEL00iLCJtYWMiOiI3M2E1ZTM4NzliYmVhYzBjMzU1NjRiMzkxNGM5YWM0OGM2OTg4OGUxZGIwZmJjZGNlMDdmMjMzZWVjNGZjODRkIiwidGFnIjoiIn0%3D; expires=Tue, 04 Jun 2024 01:39:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax

Found 2024-06-03 by HttpPlugin

Create report

*.pendalearning.compendalearning.com

Fingerprint:

279f46eaf7e861b5a238639fef4539c3c347cd52ca42b81d7938d66d2a8b45fb

CN:

*.pendalearning.com

Key:

RSA-2048

Issuer:

Amazon RSA 2048 M02

Not before:

2023-07-23 00:00

Not after:

2024-08-20 23:59

Domain summary

devderek.com.co 2

1 recorded

Host 52.6.18.78

United States

Software information

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

Create report

Create report

Create report

*.pendalearning.compendalearning.com

Domain summary