LeakIX - Host 99.86.4.86

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: q98uhhi.gj46gz2r0znw.top
Port: 80
URL: http://q98uhhi.gj46gz2r0znw.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 22:01
Open for 212 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 22:01

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 00:00

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: q98uhhi.gj46gz2r0znw.top
Port: 443
URL: https://q98uhhi.gj46gz2r0znw.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 20:42
Open for 212 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 20:42

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 11:34

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: 8565gfhdf.pn04e9jrubwc.top
Port: 443
URL: https://8565gfhdf.pn04e9jrubwc.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 20:39
Open for 212 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 20:39

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 03:59

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: dsadwe19.8aeasip8iiyb.top
Port: 443
URL: https://dsadwe19.8aeasip8iiyb.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 18:52
Open for 212 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 18:52

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 08:31

265 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: peacebox.shinbunbun.info
Port: 443
URL: https://peacebox.shinbunbun.info

First seen 2023-01-14 02:56
Last seen 2025-10-16 14:36
Open for 1006 days

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d30cfc9d430cfc9d430cfc9d430cfc9d4
```
Found 1 files trough .DS_Store spidering:

/templateImg.png
```
Found on 2025-10-16 14:36

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: dsadwe19.8aeasip8iiyb.top
Port: 80
URL: http://dsadwe19.8aeasip8iiyb.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 13:25
Open for 212 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 13:25

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 09:23

265 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: salespro.eagleironworks.com
Port: 443
URL: https://salespro.eagleironworks.com

First seen 2025-03-11 22:51
Last seen 2025-10-16 10:09
Open for 218 days

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8a1bdbd98a1bdbd98a1bdbd98a1bdbd9
```
Found 1 files trough .DS_Store spidering:

/solution.pdf
```
Found on 2025-10-16 10:09

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: ccgdelhi.org
Port: 443
URL: https://ccgdelhi.org

First seen 2022-12-17 14:35
Last seen 2025-10-16 09:48
Open for 1033 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522bb88be63

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git@bitbucket.org:ccg-delhi/ccgdelhi-front.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "feature/home-slider"]
	remote = origin
	merge = refs/heads/feature/home-slider
[branch "feature/seoimprove"]
	remote = origin
	merge = refs/heads/feature/seoimprove
[branch "origin/devchanges"]
	remote = origin
	merge = refs/heads/origin/devchanges
[branch "feature/po-work"]
	remote = origin
	merge = refs/heads/feature/po-work

Found on 2025-10-16 09:48

609 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522a8cc7cae

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git@bitbucket.org:ccg-delhi/ccgdelhi-front.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "feature/home-slider"]
	remote = origin
	merge = refs/heads/feature/home-slider
[branch "feature/seoimprove"]
	remote = origin
	merge = refs/heads/feature/seoimprove
[branch "origin/devchanges"]
	remote = origin
	merge = refs/heads/origin/devchanges

Found on 2022-12-17 14:35

529 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: ds67jhgghr.uaoh33ndztbl.top
Port: 80
URL: http://ds67jhgghr.uaoh33ndztbl.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 08:47
Open for 211 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 08:47

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-28 20:59

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: ewqe65fds.mb4ddvpwr5mq.top
Port: 80
URL: http://ewqe65fds.mb4ddvpwr5mq.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 07:46
Open for 211 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 07:46

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-28 20:59

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: 98ji9kvb.gx80zstf80oq.top
Port: 443
URL: https://98ji9kvb.gx80zstf80oq.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 05:16
Open for 211 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 05:16

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 07:02

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: ds67jhgghr.uaoh33ndztbl.top
Port: 443
URL: https://ds67jhgghr.uaoh33ndztbl.top

First seen 2025-03-18 10:46
Last seen 2025-10-16 05:01
Open for 211 days

Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652258c05b03

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://root:Hys581x9505!@gituu23mm.com:8082/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-10-16 05:01

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e759c9ce

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://www.yccom5mon.com/root/proxy-web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main

Found on 2025-08-29 04:51

265 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.

IP: 99.86.4.86
Domain: blackrangeequestrian.com.au
Port: 443
URL: https://blackrangeequestrian.com.au

First seen 2023-08-11 04:27
Last seen 2025-10-15 12:34
Open for 796 days

Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c81f37080f9

[init]
	defaultBranch = none
[fetch]
	recurseSubmodules = false
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab-ci-token:64_PNrpsa9AzxG7eJZcNs9W@gitlab.com/hestrfell1/www.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2025-10-15 12:34

304 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: topleadpoisoninglawyers.com
Port: 443
URL: https://topleadpoisoninglawyers.com

First seen 2024-07-17 04:51
Last seen 2025-10-15 07:09
Open for 455 days

Severity: low
Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d84268db690fc888efbaf269e7b458b4e7

Found 8 files trough .DS_Store spidering:

/images
/images/backArrow.svg
/images/bckgrnd.png
/images/close.png
/images/Group 772544561.svg
/images/minus.svg
/images/navClose.svg
/images/plus.svg

Found on 2025-10-15 07:09

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2025-07-20 10:51

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: dev.batsamayi.com
Port: 443
URL: https://dev.batsamayi.com

First seen 2023-11-21 12:56
Last seen 2025-10-15 03:52
Open for 693 days

Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb932605ed

[core]
	repositoryformatversion = 0
	filemode = false
	bare = false
	logallrefupdates = true
	ignorecase = true
	longpaths = true
[remote "origin"]
	url = https://BATSAMAYIWEBAPPS@dev.azure.com/BATSAMAYIWEBAPPS/BATSAMAYI.COM/_git/BATSAMAYI.COM
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http]
	version = HTTP/1.1

Found on 2025-10-15 03:52

331 Bytes

Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb94b0fbb3

[core]
	repositoryformatversion = 0
	filemode = false
	bare = false
	logallrefupdates = true
	ignorecase = true
[remote "origin"]
	url = https://BATSAMAYIWEBAPPS@dev.azure.com/BATSAMAYIWEBAPPS/BATSAMAYI.COM/_git/BATSAMAYI.COM
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http]
	version = HTTP/1.1

Found on 2024-06-10 10:22

313 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: vintti-prod.c1.yle.fi
Port: 443
URL: https://vintti-prod.c1.yle.fi

First seen 2022-12-17 02:01
Last seen 2025-10-14 20:51
Open for 1032 days

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d18c87da418c87da418c87da418c87da4
```
Found 1 files trough .DS_Store spidering:

/www.yle.fi
```
Found on 2025-10-14 20:51

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: launcheffectapp.com
Port: 443
URL: https://launcheffectapp.com

First seen 2023-02-21 13:17
Last seen 2025-10-14 15:05
Open for 966 days

Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9f8ddd3d1865cdfaae1d3087fa00556d3

Found 5 files trough .DS_Store spidering:

/wp-content
/wp-content/themes
/wp-content/themes/launcheffectsite
/wp-content/themes/launcheffectsite/ss
/wp-content/themes/launcheffectsite/ss/img

Found on 2025-10-14 15:05

Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfcdac9e8c2b4b6dfc50af3b57eba791f60

Found 4 files trough .DS_Store spidering:

/wp-content
/wp-content/themes
/wp-content/themes/launcheffectsite
/wp-content/themes/launcheffectsite/ss

Found on 2024-06-06 13:18

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: www.lordshotels-experiences.goyaana.com
Port: 443
URL: https://www.lordshotels-experiences.goyaana.com

First seen 2023-02-10 03:45
Last seen 2025-09-08 09:12
Open for 941 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb5df27734

[core]
	repositoryformatversion = 0
	filemode = false
	bare = false
	logallrefupdates = true
	symlinks = false
	ignorecase = true
[remote "origin"]
	url = https://git-codecommit.ap-south-1.amazonaws.com/v1/repos/godoora-ui-prod
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2025-09-08 09:12

335 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: 5063.tpkings.com
Port: 443
URL: https://5063.tpkings.com

First seen 2025-05-08 21:35
Last seen 2025-06-20 12:24
Open for 42 days

Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9cdbb983a628a791c27d7bca5528ba942
```
Found 5 files trough .DS_Store spidering:

/images
/images/1.png
/images/2.png
/images/3.png
/images/4.png
```
Found on 2025-06-20 12:24

Severity: low
Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d8143ab0e017299471a3accd7dbe7c20c1

Found 8 files trough .DS_Store spidering:

/css
/images
/images/1.png
/images/2.png
/images/3.png
/images/4.png
/index.html
/js

Found on 2025-06-16 12:24

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: app.codfirm.in
Port: 443
URL: https://app.codfirm.in

First seen 2024-05-07 08:13
Last seen 2024-11-20 19:05
Open for 197 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220ad98d71

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	ignorecase = true
	precomposeunicode = true
[remote "origin"]
	url = git@github.com:CODfirm/codfirm-scripts.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "bug/storeIdFix"]
	remote = origin
	merge = refs/heads/bug/storeIdFix
[branch "bug/create_link_pg"]
	remote = origin
	merge = refs/heads/bug/create_link_pg
[pull]
	rebase = false
[branch "feature/ppCreateLinkUpdate"]
	remote = origin
	merge = refs/heads/feature/ppCreateLinkUpdate

Found on 2024-11-20 19:05

601 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b25afa30

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	ignorecase = true
	precomposeunicode = true
[remote "origin"]
	url = https://github.com/CODfirm/codfirm-scripts.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2024-07-10 10:18

316 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652261a89cda

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	ignorecase = true
	precomposeunicode = true
[remote "origin"]
	url = git@github.com:CODfirm/codfirm-scripts.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2024-06-12 17:41

312 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: y4nq9jpvddzm.xyz
Port: 443
URL: https://y4nq9jpvddzm.xyz

First seen 2024-10-04 04:58
Last seen 2024-10-08 06:43
Open for 4 days

Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a0904d808d7e02e9ac8f638f0164866dd3

Found 13 files trough .DS_Store spidering:

/.git
/.gitignore
/collect_301.html
/enter - 副本.html
/enter.html
/favicon.ico
/iframe.html
/index copy.html
/index.html
/QRcode - 副本.html
/QRcode.html
/README.md
/static

Found on 2024-10-08 06:43

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: 95imuhknd5hx.xyz
Port: 443
URL: https://95imuhknd5hx.xyz

First seen 2024-10-04 02:23
Last seen 2024-10-08 03:56
Open for 4 days

Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a0904d808d7e02e9ac8f638f0164866dd3

Found 13 files trough .DS_Store spidering:

/.git
/.gitignore
/collect_301.html
/enter - 副本.html
/enter.html
/favicon.ico
/iframe.html
/index copy.html
/index.html
/QRcode - 副本.html
/QRcode.html
/README.md
/static

Found on 2024-10-08 03:56

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: 92n6skn4qxj7.xyz
Port: 443
URL: https://92n6skn4qxj7.xyz

First seen 2024-10-04 06:18
Last seen 2024-10-08 00:45
Open for 3 days

Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a0904d808d7e02e9ac8f638f0164866dd3

Found 13 files trough .DS_Store spidering:

/.git
/.gitignore
/collect_301.html
/enter - 副本.html
/enter.html
/favicon.ico
/iframe.html
/index copy.html
/index.html
/QRcode - 副本.html
/QRcode.html
/README.md
/static

Found on 2024-10-08 00:45

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: 92n6skn4qxj7.xyz
Port: 443
URL: https://92n6skn4qxj7.xyz

First seen 2024-05-06 06:16
Last seen 2024-10-02 04:13
Open for 148 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652201fa2920

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://ngit.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-10-02 04:13

240 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224a02fe66

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-09-06 02:23

239 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: fk51w2udb31.xyz
Port: 443
URL: https://fk51w2udb31.xyz

First seen 2024-07-15 09:24
Last seen 2024-10-02 03:34
Open for 78 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b011144f

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/pzhan/pzhan-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-10-02 03:34

220 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: y4nq9jpvddzm.xyz
Port: 443
URL: https://y4nq9jpvddzm.xyz

First seen 2024-05-06 05:57
Last seen 2024-10-02 03:22
Open for 148 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652201fa2920

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://ngit.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-10-02 03:22

240 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224a02fe66

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-09-06 08:35

239 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: 95imuhknd5hx.xyz
Port: 443
URL: https://95imuhknd5hx.xyz

First seen 2024-05-06 06:06
Last seen 2024-10-02 00:06
Open for 148 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652201fa2920

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://ngit.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-10-02 00:06

240 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224a02fe66

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-09-06 14:09

239 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 13.33.187.17
Domain: highlinecg.com
Port: 443
URL: https://highlinecg.com

First seen 2022-09-06 06:39
Last seen 2024-07-02 18:34
Open for 665 days

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
Found on 2024-07-02 18:34
Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2022-09-06 06:39

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: jyoan6c5p8.xyz
Port: 443
URL: https://jyoan6c5p8.xyz

First seen 2023-09-29 12:49
Last seen 2024-02-03 22:13
Open for 127 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b011144f

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/pzhan/pzhan-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-02-03 22:13

220 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: cm6lwf6p0r.xyz
Port: 443
URL: https://cm6lwf6p0r.xyz

First seen 2023-11-27 12:13
Last seen 2024-02-03 01:34
Open for 67 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b011144f

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/pzhan/pzhan-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-02-03 01:34

220 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 99.86.4.86
Domain: 5d41oyy5ju.xyz
Port: 443
URL: https://5d41oyy5ju.xyz

First seen 2023-11-04 21:08
Last seen 2024-02-02 12:07
Open for 89 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224a02fe66

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = http://git.2jsncsk2dxks.xyz/zhi/zhi-luodiye-guide.git
	fetch = +refs/heads/*:refs/remotes/origin/*

Found on 2024-02-02 12:07

239 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: www.highlinecg.com
Port: 443
URL: https://www.highlinecg.com

First seen 2022-09-06 06:39
Last seen 2023-09-23 05:49
Open for 381 days

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2022-09-06 06:39

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: www.zdalnywarsztat.pl
Port: 443
URL: https://www.zdalnywarsztat.pl

First seen 2023-02-22 09:20
Last seen 2023-05-12 17:16
Open for 79 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b775fdf38788908d597b3c22310684fd56

Found 128 files trough .DS_Store spidering:

/app
/app/assets
/app/assets/asColorPicker
/app/assets/css
/app/assets/css/alertify.css
/app/assets/css/alertify.js
/app/assets/css/bootstrap-extend.min.css
/app/assets/css/bootstrap.min.css
/app/assets/css/site.css
/app/assets/css/site.min.css
/app/assets/data
/app/assets/datetimepicker
/app/assets/examples
/app/assets/fonts
/app/assets/fullcalendar
/app/assets/images
/app/assets/js
/app/assets/js/App
/app/assets/js/Base.js
/app/assets/js/BaseApp.js
/app/assets/js/Component.js
/app/assets/js/config
/app/assets/js/Config.js
/app/assets/js/ms-general.js
/app/assets/js/ms-gus.js
/app/assets/js/ms-klienci-edytuj.js
/app/assets/js/ms-klienci.js
/app/assets/js/ms-konto.js
/app/assets/js/ms-login.js
/app/assets/js/ms-opony.js
/app/assets/js/ms-pojazdy-edytuj.js
/app/assets/js/ms-pojazdy.js
/app/assets/js/ms-powiadomienia-edytuj.js
/app/assets/js/ms-powiadomienia.js
/app/assets/js/ms-service-files.js
/app/assets/js/ms-stanowisko-edytuj.js
/app/assets/js/ms-status-edytuj.js
/app/assets/js/ms-terminarz-edytuj.js
/app/assets/js/ms-terminarz.js
/app/assets/js/ms-type-edytuj.js
/app/assets/js/ms-user-edytuj.js
/app/assets/js/ms-ustawienia.js
/app/assets/js/ms-vin.js
/app/assets/js/ms.js
/app/assets/js/Plugin
/app/assets/js/Plugin.js
/app/assets/js/print.min.js
/app/assets/js/Section
/app/assets/js/Site.js
/app/assets/skins
/app/assets/spiner
/app/assets/switchery
/app/assets/vendor
/app/assets/vendor/ace
/app/assets/vendor/alertify
/app/assets/vendor/alertify/alertify.css
/app/assets/vendor/alertify/alertify.js
/app/assets/vendor/alertify/themes
/app/assets/vendor/animsition
/app/assets/vendor/asbreadcrumbs
/app/assets/vendor/ascolor
/app/assets/vendor/ascolorpicker
/app/assets/vendor/asgradient
/app/assets/vendor/ashoverscroll
/app/assets/vendor/aspaginator
/app/assets/vendor/aspieprogress
/app/assets/vendor/asprogress
/app/assets/vendor/asrange
/app/assets/vendor/asscrollable
/app/assets/vendor/asscrollbar
/app/assets/vendor/asspinner
/app/assets/vendor/autosize
/app/assets/vendor/aws
/app/assets/vendor/babel-external-helpers
/app/assets/vendor/blueimp-canvas-to-blob
/app/assets/vendor/blueimp-file-upload
/app/assets/vendor/blueimp-load-image
/app/assets/vendor/blueimp-tmpl
/app/assets/vendor/bootbox
/app/assets/vendor/bootstrap
/app/assets/vendor/bootstrap-datepicker
/app/assets/vendor/bootstrap-datetimepicker
/app/assets/vendor/bootstrap-datetimepicker/css
/app/assets/vendor/bootstrap-datetimepicker/js
/app/assets/vendor/bootstrap-hover-dropdown
/app/assets/vendor/bootstrap-markdown
/app/assets/vendor/bootstrap-maxlength
/app/assets/vendor/bootstrap-select
/app/assets/vendor/bootstrap-select/i18n
/app/assets/vendor/bootstrap-sweetalert
/app/assets/vendor/bootstrap-table
/app/assets/vendor/bootstrap-tagsinput
/app/assets/vendor/bootstrap-tokenfield
/app/assets/vendor/bootstrap-touchspin
/app/assets/vendor/bootstrap-treeview
/app/assets/vendor/breakpoints
/app/assets/vendor/c3
/app/assets/vendor/chart-js
/app/assets/vendor/chartist
/app/assets/vendor/chartist-plugin-tooltip
/app/assets/vendor/clockpicker
/app/assets/vendor/codemirror
/app/assets/vendor/cropper
/app/assets/vendor/d3
/app/assets/vendor/datatables
/app/assets/vendor/datatables-bootstrap
/app/assets/vendor/datatables-fixedheader
/app/assets/vendor/datatables-responsive
/app/assets/vendor/datatables-tabletools
/app/assets/vendor/datatables.net
/app/assets/vendor/datatables.net-bs4
/app/assets/vendor/datatables.net-buttons
/app/assets/vendor/datatables.net-buttons-bs4
/app/assets/vendor/datatables.net-colreorder
/app/assets/vendor/datatables.net-colreorder-bs4
/app/assets/vendor/datatables.net-fixedcolumns
/app/assets/vendor/datatables.net-fixedcolumns-bs4
/app/assets/vendor/datatables.net-fixedheader
/app/assets/vendor/datatables.net-fixedheader-bs4
/app/assets/vendor/datatables.net-responsive
/app/assets/vendor/datatables.net-responsive-bs4
/app/assets/vendor/datatables.net-rowgroup
/app/assets/vendor/datatables.net-rowgroup-bs4
/app/assets/vendor/datatables.net-rowreorder
/app/assets/vendor/datatables.net-rowreorder-bs4
/app/assets/vendor/datatables.net-scroller
/app/assets/vendor/datatables.net-scroller-bs4
/app/assets/vendor/datatables.net-select

Found on 2023-05-12 17:16

Severity: medium
Fingerprint: 5f32cf5d6962f09c5d6424645d642464cfe7d4d83fe82094e3f08886e7d8d8fb

Found 79 files trough .DS_Store spidering:

/app
/app/assets
/app/assets/asColorPicker
/app/assets/css
/app/assets/css/alertify.css
/app/assets/css/alertify.js
/app/assets/css/bootstrap-extend.min.css
/app/assets/css/bootstrap.min.css
/app/assets/css/site.css
/app/assets/css/site.min.css
/app/assets/data
/app/assets/datetimepicker
/app/assets/examples
/app/assets/fonts
/app/assets/fullcalendar
/app/assets/images
/app/assets/js
/app/assets/js/App
/app/assets/js/Base.js
/app/assets/js/BaseApp.js
/app/assets/js/Component.js
/app/assets/js/config
/app/assets/js/Config.js
/app/assets/js/ms-general.js
/app/assets/js/ms-gus.js
/app/assets/js/ms-klienci-edytuj.js
/app/assets/js/ms-klienci.js
/app/assets/js/ms-konto.js
/app/assets/js/ms-login.js
/app/assets/js/ms-opony.js
/app/assets/js/ms-pojazdy-edytuj.js
/app/assets/js/ms-pojazdy.js
/app/assets/js/ms-powiadomienia-edytuj.js
/app/assets/js/ms-powiadomienia.js
/app/assets/js/ms-service-files.js
/app/assets/js/ms-stanowisko-edytuj.js
/app/assets/js/ms-status-edytuj.js
/app/assets/js/ms-terminarz-edytuj.js
/app/assets/js/ms-terminarz.js
/app/assets/js/ms-type-edytuj.js
/app/assets/js/ms-user-edytuj.js
/app/assets/js/ms-ustawienia.js
/app/assets/js/ms-vin.js
/app/assets/js/ms.js
/app/assets/js/Plugin
/app/assets/js/Plugin.js
/app/assets/js/print.min.js
/app/assets/js/Section
/app/assets/js/Site.js
/app/assets/skins
/app/assets/spiner
/app/assets/switchery
/app/assets/vendor
/app/klienci
/app/konto
/app/login
/app/pliki
/app/potwierdz-haslo
/app/potwierdzenie
/app/rejestracja
/app/rowery
/app/schowek
/app/statystyki
/app/ustawienia
/app/wypozyczalnia
/app/zapomniane-haslo
/app/zlecenia
/app/zmiana-hasla
/cennik
/css
/fonts
/funkcje
/img
/index.html
/js
/kontakt
/polityka-prywatnosci
/robots.txt
/sitemap.xml

Found on 2023-02-22 09:20

Severity: medium
Fingerprint: 5f32cf5d6962f09c114fbe07114fbe07cd8b255708e1ddc96c50900152181d1d

Found 47 files trough .DS_Store spidering:

/app
/app/assets
/app/assets/asColorPicker
/app/assets/css
/app/assets/css/alertify.css
/app/assets/css/alertify.js
/app/assets/css/bootstrap-extend.min.css
/app/assets/css/bootstrap.min.css
/app/assets/css/site.css
/app/assets/css/site.min.css
/app/assets/data
/app/assets/datetimepicker
/app/assets/examples
/app/assets/fonts
/app/assets/fullcalendar
/app/assets/images
/app/assets/js
/app/assets/skins
/app/assets/spiner
/app/assets/switchery
/app/assets/vendor
/app/klienci
/app/konto
/app/login
/app/pliki
/app/potwierdz-haslo
/app/potwierdzenie
/app/rejestracja
/app/rowery
/app/schowek
/app/statystyki
/app/ustawienia
/app/wypozyczalnia
/app/zapomniane-haslo
/app/zlecenia
/app/zmiana-hasla
/cennik
/css
/fonts
/funkcje
/img
/index.html
/js
/kontakt
/polityka-prywatnosci
/robots.txt
/sitemap.xml

Found on 2023-02-22 09:20

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b775fdf38788908d597b3c2231d4fd7545

Found 128 files trough .DS_Store spidering:

/app
/app/assets
/app/assets/asColorPicker
/app/assets/css
/app/assets/css/alertify.css
/app/assets/css/alertify.js
/app/assets/css/bootstrap-extend.min.css
/app/assets/css/bootstrap.min.css
/app/assets/css/site.css
/app/assets/css/site.min.css
/app/assets/data
/app/assets/datetimepicker
/app/assets/examples
/app/assets/fonts
/app/assets/fullcalendar
/app/assets/images
/app/assets/js
/app/assets/js/App
/app/assets/js/Base.js
/app/assets/js/BaseApp.js
/app/assets/js/Component.js
/app/assets/js/config
/app/assets/js/Config.js
/app/assets/js/ms-general.js
/app/assets/js/ms-gus.js
/app/assets/js/ms-klienci-edytuj.js
/app/assets/js/ms-klienci.js
/app/assets/js/ms-konto.js
/app/assets/js/ms-login.js
/app/assets/js/ms-opony.js
/app/assets/js/ms-pojazdy-edytuj.js
/app/assets/js/ms-pojazdy.js
/app/assets/js/ms-powiadomienia-edytuj.js
/app/assets/js/ms-powiadomienia.js
/app/assets/js/ms-service-files.js
/app/assets/js/ms-stanowisko-edytuj.js
/app/assets/js/ms-status-edytuj.js
/app/assets/js/ms-terminarz-edytuj.js
/app/assets/js/ms-terminarz.js
/app/assets/js/ms-type-edytuj.js
/app/assets/js/ms-user-edytuj.js
/app/assets/js/ms-ustawienia.js
/app/assets/js/ms-vin.js
/app/assets/js/ms.js
/app/assets/js/Plugin
/app/assets/js/Plugin.js
/app/assets/js/print.min.js
/app/assets/js/Section
/app/assets/js/Site.js
/app/assets/skins
/app/assets/spiner
/app/assets/switchery
/app/assets/vendor
/app/assets/vendor/ace
/app/assets/vendor/alertify
/app/assets/vendor/alertify/alertify.css
/app/assets/vendor/alertify/alertify.js
/app/assets/vendor/alertify/themes
/app/assets/vendor/animsition
/app/assets/vendor/asbreadcrumbs
/app/assets/vendor/ascolor
/app/assets/vendor/ascolorpicker
/app/assets/vendor/asgradient
/app/assets/vendor/ashoverscroll
/app/assets/vendor/aspaginator
/app/assets/vendor/aspieprogress
/app/assets/vendor/asprogress
/app/assets/vendor/asrange
/app/assets/vendor/asscrollable
/app/assets/vendor/asscrollbar
/app/assets/vendor/asspinner
/app/assets/vendor/autosize
/app/assets/vendor/aws
/app/assets/vendor/babel-external-helpers
/app/assets/vendor/blueimp-canvas-to-blob
/app/assets/vendor/blueimp-file-upload
/app/assets/vendor/blueimp-load-image
/app/assets/vendor/blueimp-tmpl
/app/assets/vendor/bootbox
/app/assets/vendor/bootstrap
/app/assets/vendor/bootstrap-datepicker
/app/assets/vendor/bootstrap-datetimepicker
/app/assets/vendor/bootstrap-hover-dropdown
/app/assets/vendor/bootstrap-markdown
/app/assets/vendor/bootstrap-maxlength
/app/assets/vendor/bootstrap-select
/app/assets/vendor/bootstrap-sweetalert
/app/assets/vendor/bootstrap-table
/app/assets/vendor/bootstrap-tagsinput
/app/assets/vendor/bootstrap-tokenfield
/app/assets/vendor/bootstrap-touchspin
/app/assets/vendor/bootstrap-treeview
/app/assets/vendor/breakpoints
/app/assets/vendor/c3
/app/assets/vendor/chart-js
/app/assets/vendor/chartist
/app/assets/vendor/chartist-plugin-tooltip
/app/assets/vendor/clockpicker
/app/assets/vendor/codemirror
/app/assets/vendor/cropper
/app/assets/vendor/d3
/app/assets/vendor/datatables
/app/assets/vendor/datatables-bootstrap
/app/assets/vendor/datatables-fixedheader
/app/assets/vendor/datatables-responsive
/app/assets/vendor/datatables-tabletools
/app/assets/vendor/datatables.net
/app/assets/vendor/datatables.net-bs4
/app/assets/vendor/datatables.net-buttons
/app/assets/vendor/datatables.net-buttons-bs4
/app/assets/vendor/datatables.net-colreorder
/app/assets/vendor/datatables.net-colreorder-bs4
/app/assets/vendor/datatables.net-fixedcolumns
/app/assets/vendor/datatables.net-fixedcolumns-bs4
/app/assets/vendor/datatables.net-fixedheader
/app/assets/vendor/datatables.net-fixedheader-bs4
/app/assets/vendor/datatables.net-responsive
/app/assets/vendor/datatables.net-responsive-bs4
/app/assets/vendor/datatables.net-rowgroup
/app/assets/vendor/datatables.net-rowgroup-bs4
/app/assets/vendor/datatables.net-rowreorder
/app/assets/vendor/datatables.net-rowreorder-bs4
/app/assets/vendor/datatables.net-scroller
/app/assets/vendor/datatables.net-scroller-bs4
/app/assets/vendor/datatables.net-select
/app/assets/vendor/datatables.net-select-bs4
/app/assets/vendor/datepair
/app/assets/vendor/draggabilly

Found on 2023-02-22 09:20

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.86.4.86
Domain: vendor.steyncity.realist.co.za
Port: 443
URL: https://vendor.steyncity.realist.co.za

First seen 2022-11-13 04:32
Last seen 2023-02-24 05:56
Open for 103 days

Severity: low
Fingerprint: 5f32cf5d6962f09c7cf176427cf17642babc5aa1dc66edf2dc66edf2dc66edf2
```
Found 2 files trough .DS_Store spidering:

/fonts
/images
```
Found on 2022-11-13 04:32

Create report

Apache server-status page is publicly available

The server-status page (usually /server-status) allows server administrators to find out how well their server is performing.

This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.

This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.

https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a

IP: 99.86.4.86
Domain: uat.market.privatebanking.expat.hsbc.com
Port: 443
URL: https://uat.market.privatebanking.expat.hsbc.com

First seen 2022-09-01 12:00
Last seen 2022-09-01 12:00

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb31cd32799503433323034333235be19984

Apache Status
window['adrum-start-time'] = new Date().getTime();(function(config){config.appKey='EC-AAB-NWH';config.adrumExtUrlHttp = 'http://cdn.appdynamics.com';config.adrumExtUrlHttps = 'https://cdn.appdynamics.com';config.beaconUrlHttp = 'http://fra-col.eum-appdynamics.com';config.beaconUrlHttps = 'https://fra-col.eum-appdynamics.com';config.spa ={ 'spa2': true }; config.xhr ={'maxPerPageView': 100 };})(window['adrum-config'] || (window['adrum-config'] = {}));
Apache Server Status for apache.uatgreen.eu.digital.private.banking.uk.hsbc (via 10.1.35.115)

Server Version: Apache/2.4.52 (Unix) OpenSSL/1.1.1n
Server MPM: event
Server Built: Jan 26 2022 08:37:13

Current Time: Thursday, 01-Sep-2022 12:00:20 UTC
Restart Time: Sunday, 28-Aug-2022 11:57:29 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  4 days 2 minutes 51 seconds
Server load: 0.98 0.71 0.79
Total accesses: 42215 - Total Traffic: 554.1 MB - Total Duration: 627206
CPU Usage: u189.35 s55.86 cu0 cs0 - .0709% CPU load
.122 requests/sec - 1680 B/second - 13.4 kB/request - 14.8574 ms/request
1 requests currently being processed, 1249 idle workers



SlotPIDStoppingConnections
ThreadsAsync connections
totalacceptingbusyidlewritingkeep-aliveclosing
023no0yes0250000
124no0yes0250000
225no1yes1249001
326no0yes0250000
427no1yes0250001
Sum502 11249002

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
_____________W__________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
__________________________________
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0230/1/1_
0.023407682092090.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.07339058880.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.14336298440.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.57277708660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.26330988550.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.54278758990.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.33328378550.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.62316258550.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.53319738660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.65315208550.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.56318988880.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.7730983842420.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.83307438660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
0.88305818550.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.13295078660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.18293038660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.21292018660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.28289558660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.37285598660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.52279118770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.59277258990.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.5023861842420.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.57236128770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.84266338770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
1.90263938770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.14253258770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.20251248770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.65232888770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
2.98218998770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.04217198660.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.05217048770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.07216208770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.10215758990.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.26209098770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.38204358770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.41203308770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.48200608770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.50200278770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
5.14137458770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
5.65117928770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.94184738770.00.010.01
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
4.94145648770.00.020.02
127.0.0.6http/1.1uat.market.privatebanking.hsbc.GET /server-status HTTP/1.1

0-0230/1/1_
3.92

Found on 2022-09-01 12:00

Create report

Host 99.86.4.86

United States

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Git configuration and history exposed

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Apache server-status page is publicly available

Domain summary