nginx 1.23.3
tcp/443 tcp/80
The Redis instance is open to the public.
This could result to data leak and code execution.
Severity: medium
Fingerprint: d606b92f1b5fdf1897c596ab97c596ab97c596ab97c596ab97c596ab97c596ab
Redis is open with 4 keys in dbs
Severity: medium
Fingerprint: d606b92f1b5fdf18476e4752476e4752476e4752476e4752476e4752476e4752
Redis is open with 1 keys in dbs
Severity: medium
Fingerprint: d606b92f1b5fdf185497e6545497e6545497e6545497e6545497e6545497e654
Redis is open with 3 keys in dbs
Severity: medium
Fingerprint: d606b92f1b5fdf185732408f5732408f5732408f5732408f5732408f5732408f
Redis is open with 0 keys in dbs
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522d98dbebc
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://bitbucket.org/city-retargeting/retargeting-ui.git fetch = +refs/heads/*:refs/remotes/origin/* [submodule "git_modules/core-ui"] url = https://nebaz@bitbucket.org/city-retargeting/core-ui.git
Open service 82.202.166.118:80
2024-06-15 09:30
HTTP/1.1 200 OK Server: nginx/1.23.3 Date: Sat, 15 Jun 2024 09:30:47 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 0 Connection: close set-cookie: sessionId=Fx14GmHfGRkBP1lpOEq40LWfHv0mLLPJ.nX5qOxtsipIdEdXh1Gel8Eeznlh67MDEPTM9SgglHmE; Path=/; HttpOnly; Secure; SameSite=none; Expires=Sun, 16 Jun 2024 09:30:47 GMT; HttpOnly; SameSite=Lax Cache-Control: no-store, no-cache, private Pragma: no-cache
Open service 82.202.166.118:443
2024-06-14 07:02
HTTP/1.1 200 OK Server: nginx/1.23.3 Date: Fri, 14 Jun 2024 07:02:33 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 0 Connection: close set-cookie: sessionId=58VtIZcHiZEfGrpFu7uwt29SyhG-mUwl.ShDNvglJjU%2BmvFDhvgftlnr5dqDgJJDKIOb2FTm%2FD4k; Path=/; HttpOnly; Secure; SameSite=none; Expires=Sat, 15 Jun 2024 07:02:33 GMT; HttpOnly; SameSite=Lax Cache-Control: no-store, no-cache, private Pragma: no-cache