While poking around the █████████/24 range - █████ looking for the Cisco devices, I came across █████, which resolved to https://██████/
While it's not a .mil host, it's likely related to the DoD since it's hosted in the DoD-controlled ASN.
I discovered a few critical vulnerabilities here; one of them is exposed backup files via directory listing.
https://███/obj/Debug/ █████
The source code can be found here: https://█████████/obj/Debug/Package/GLOSS2.zip
It's a zipped backup.
The DB credentials are exposed here: https://█████/obj/Debug/Package/GLOSS2.SetParameters.xml ███
Disable directory indexing, restrict access to the sensitive files, and change credentials as a defense-in-depth measure.
Source code & DB credentials leakage. An attacker can use it to compromise the resource.
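
A pre-deployment check for the exposure described in this report, added here as an example and not part of the original report: it walks a local web root and flags MSBuild `obj` output, packaged archives and `SetParameters.xml` files that carry a password. The function names, the sample tree and the `Sample.*` file names are constructed for illustration, and it assumes the Web Deploy `<setParameter name="..." value="..." />` layout.

```python
"""Audit a local web root for build artifacts that must not be served."""
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

BUILD_DIRS = {"obj"}  # MSBuild intermediate output; extend per project
SECRET_RE = re.compile(r"(password|pwd)\s*=\s*[^;\"']+", re.I)

def has_embedded_secret(path):
    """True if any <setParameter value="..."> carries a password field."""
    try:
        tree = ET.parse(str(path))
    except ET.ParseError:
        return False
    return any(SECRET_RE.search(el.get("value", ""))
               for el in tree.iter("setParameter"))

def audit_webroot(root):
    """Return sorted (relative_path, reason) findings under root."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        rel_path = path.relative_to(root)
        rel = rel_path.as_posix()
        parts = {p.lower() for p in rel_path.parts}
        name = path.name.lower()
        if path.is_dir():
            if name in BUILD_DIRS:
                findings.append((rel, "build output directory inside web root"))
        elif name.endswith(".setparameters.xml"):
            findings.append((rel, "deployment parameters file"))
            if has_embedded_secret(path):
                findings.append((rel, "connection string with embedded password"))
        elif name.endswith(".zip") and parts & BUILD_DIRS:
            findings.append((rel, "deployment package archive"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree mirroring the obj/Debug/Package layout."""
    pkg = Path(root) / "obj" / "Debug" / "Package"
    pkg.mkdir(parents=True)
    (Path(root) / "index.html").write_text("<h1>ok</h1>")
    (pkg / "Sample.zip").write_bytes(b"PK\x05\x06" + b"\x00" * 18)
    (pkg / "Sample.SetParameters.xml").write_text(
        '<parameters><setParameter name="DefaultConnection" '
        'value="Server=db;User Id=app;Password=EXAMPLE-ONLY" /></parameters>')

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, reason in audit_webroot(tmp):
            print(f"{rel}: {reason}")
```

Running it as a gate in the publish pipeline fails the deployment before such files reach the server, independent of whether directory indexing is disabled.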