Domain app.cemeri.org
United States
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-19 17:10
Last seen 2026-01-02 17:14
Open for 75 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3caff5d0bdb4c7f09c3029343425e666aaae0403eGraphQL introspection enabled at /graphql Types: 210 (by kind: ENUM: 2, INPUT_OBJECT: 51, OBJECT: 148, SCALAR: 9) Operations: - Query: Query | fields: news, news_by_id, news_scrapped, news_scrapped_aggregated, news_scrapped_by_id - Mutation: Mutation | fields: create_comentarios_item, create_comentarios_items, create_creador_mapas_item, create_creador_mapas_items, create_respuestas_items Directives: deprecated, include, skip (total: 3) Readable stores: 0
Found on 2026-01-02 17:14522.7 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3caff5d0bdb4c7f09c3029343425e666aaed4e74aGraphQL introspection enabled at /graphql Types: 210 (by kind: ENUM: 2, INPUT_OBJECT: 51, OBJECT: 148, SCALAR: 9) Operations: - Query: Query | fields: news, news_by_id, news_scrapped, news_scrapped_aggregated, news_scrapped_by_id - Mutation: Mutation | fields: create_comentarios_item, create_comentarios_items, create_creador_mapas_item, create_creador_mapas_items, create_respuestas_items Directives: deprecated, include, skip (total: 3)
Found on 2025-12-21 14:41522.7 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2025-12-13 13:18
-
-
Open service 142.251.141.115:443 · app.cemeri.org
2026-01-09 11:10
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: 275695663f3395cd07e972cfcd100577 date: Fri, 09 Jan 2026 11:10:53 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2026-01-09 by HttpPluginCreate report
-
Open service 142.251.141.115:443 · app.cemeri.org
2026-01-02 17:14
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: 8532c6d2586ceff6316cee34aa65b305 date: Fri, 02 Jan 2026 17:14:56 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2026-01-02 by HttpPluginCreate report
-
Open service 142.251.141.115:443 · app.cemeri.org
2025-12-23 09:22
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: b02a36a29da99c9ad1ba20b2375d62ca date: Tue, 23 Dec 2025 09:22:13 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2025-12-23 by HttpPluginCreate report
-
Open service 2a00:1450:4001:807::2013:443 · app.cemeri.org
2025-12-21 14:41
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: 2eb04571bfbb8686cb9dc7a5ffeda683 date: Sun, 21 Dec 2025 14:41:55 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2025-12-21 by HttpPluginCreate report
-
Open service 2a00:1450:4001:807::2013:80 · app.cemeri.org
2025-12-21 14:41
HTTP/1.1 302 Found location: https://app.cemeri.org/ x-cloud-trace-context: 59d5d2dad705ecae8257cb30d8203c14 date: Sun, 21 Dec 2025 14:41:55 GMT content-type: text/html server: Google Frontend Content-Length: 0 Connection: close
Found 2025-12-21 by HttpPluginCreate report
-
Open service 142.251.141.115:80 · app.cemeri.org
2025-12-21 14:41
HTTP/1.1 302 Found location: https://app.cemeri.org/ x-cloud-trace-context: ccda87a4ff55cdbefc937676f42e5bc3 date: Sun, 21 Dec 2025 14:41:57 GMT content-type: text/html server: Google Frontend Content-Length: 0 Connection: close
Found 2025-12-21 by HttpPluginCreate report
-
Open service 142.251.141.115:443 · app.cemeri.org
2025-12-21 14:41
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: 3123448b7a136da5085af4eeda85df25 date: Sun, 21 Dec 2025 14:41:56 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2025-12-21 by HttpPluginCreate report
-
Open service 142.250.186.147:443 · app.cemeri.org
2025-12-21 03:22
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: b646d47a71ca30a6887ad17eeddc5279 date: Sun, 21 Dec 2025 03:22:51 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2025-12-21 by HttpPluginCreate report
-
Open service 142.250.186.147:443 · app.cemeri.org
2025-12-19 03:07
HTTP/1.1 302 Found content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-powered-by: Directus location: ./admin vary: Accept content-type: text/plain; charset=utf-8 x-cloud-trace-context: 40b0ec1ac5235d01ac96a4908573f944 date: Fri, 19 Dec 2025 03:07:24 GMT server: Google Frontend Content-Length: 29 Connection: close Found. Redirecting to ./admin
Found 2025-12-19 by HttpPluginCreate report