Domain almnorth.fi
France
Software information
Apache
tcp/443
beegoServer:2.0.0
tcp/443
nginx
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-04 18:18
Last seen 2026-02-10 00:48
Open for 67 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6GraphQL introspection enabled at /api/graphql
Found on 2026-02-10 00:48 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d603073f8703073f8703073f8703073f8703073f87GraphQL introspection enabled at /api/graphql Detected: GitLab
Found on 2026-01-02 11:21
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-06 18:04
Last seen 2026-02-16 00:29
Open for 101 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-16 00:29
-
-
Open service 164.68.102.2:443 · git.almnorth.fi
2026-01-23 03:12
HTTP/1.1 302 Found Alt-Svc: h3=":443"; ma=2592000 Cache-Control: no-cache Content-Length: 103 Content-Security-Policy: Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 03:12:12 GMT Location: https://git.almnorth.fi/users/sign_in Nel: {"max_age": 0} Permissions-Policy: interest-cohort=() Referrer-Policy: strict-origin-when-cross-origin Server: nginx Strict-Transport-Security: max-age=63072000 Via: 1.1 Caddy X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KFMDD2DTA4PC9K8JSYXJ10JJ","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KFMDD2DTA4PC9K8JSYXJ10JJ X-Runtime: 0.236887 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Connection: close <html><body>You are being <a href="https://git.almnorth.fi/users/sign_in">redirected</a>.</body></html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 37.48.80.100:443 · almnorth.fi
2026-01-23 00:07
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 00:07:32 GMT Server: Apache X-Powered-By: PHP/8.3.21 Vary: Accept-Encoding,Cookie,User-Agent Cache-Control: max-age=3, must-revalidate Upgrade: h2,h2c Connection: Upgrade, close Referrer-Policy: no-referrer-when-downgrade Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-23 by HttpPluginCreate report
-
Open service 164.68.102.2:443 · ad.almnorth.fi
2026-01-22 22:56
HTTP/1.1 200 OK Accept-Ranges: bytes Alt-Svc: h3=":443"; ma=2592000 Content-Type: text/html; charset=utf-8 Date: Thu, 22 Jan 2026 22:56:45 GMT Last-Modified: Wed, 21 Jan 2026 09:40:29 GMT Server: beegoServer:2.0.0 Set-Cookie: casdoor_session_id=ff17c688f3caecaeaf596cc3995c8626; Path=/; Expires=Sat, 21 Feb 2026 22:56:45 GMT; Max-Age=2592000; HttpOnly Via: 1.1 Caddy Connection: close Transfer-Encoding: chunked Page title: Casdoor <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Casdoor - An Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS"/><link rel="apple-touch-icon" href="https://cdn.casbin.org/img/favicon.png"/><link rel="manifest" href="https://cdn.casbin.org/site/casdoor/manifest.json"/><title>Casdoor</title><script defer="defer" src="/static/js/main.44a9cbc8.js"></script><link href="/static/css/main.f35879a1.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2026-01-22 by HttpPluginCreate report
-
Open service 37.48.80.100:443 · almnorth.fi
2026-01-12 10:16
HTTP/1.1 200 OK Date: Mon, 12 Jan 2026 10:16:42 GMT Server: Apache X-Powered-By: PHP/8.3.21 Vary: Accept-Encoding,Cookie,User-Agent Cache-Control: max-age=3, must-revalidate Upgrade: h2,h2c Connection: Upgrade, close Referrer-Policy: no-referrer-when-downgrade Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
Found 2026-01-12 by HttpPluginCreate report