Domain bitads.ai
Germany
Software information
CloudFront
tcp/443
nginx
tcp/443
nginx 1.24.0
tcp/443 tcp/80
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-13 00:25
Last seen 2026-02-09 19:39
Open for 58 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6GraphQL introspection enabled at /api/graphql
Found on 2026-02-09 19:39 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d603073f8703073f8703073f8703073f8703073f87GraphQL introspection enabled at /api/graphql Detected: GitLab
Found on 2026-01-23 04:30
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-09-30 20:09
Last seen 2025-06-12 21:48
Open for 255 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38ccdb130f59e20a14d4265f3dcFound 4 files trough .DS_Store spidering: /assets /assets/media /assets/media/avatars /assets/media/patterns
Found on 2025-06-12 21:48
-
-
Open service 49.13.126.62:443 · code.bitads.ai
2026-01-23 04:30
HTTP/1.1 302 Found Server: nginx Date: Fri, 23 Jan 2026 04:30:03 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.bitads.ai/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KFMHVKGC91JW8X83QWP38VMC","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KFMHVKGC91JW8X83QWP38VMC X-Runtime: 0.028941 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin <html><body>You are being <a href="https://code.bitads.ai/users/sign_in">redirected</a>.</body></html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 91.98.27.57:443 · testnetweb.bitads.ai
2026-01-12 04:46
HTTP/1.1 403 Forbidden Server: nginx/1.24.0 (Ubuntu) Date: Mon, 12 Jan 2026 04:46:58 GMT Content-Type: text/html Content-Length: 162 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx/1.24.0 (Ubuntu)</center> </body> </html>
Found 2026-01-12 by HttpPluginCreate report
-
Open service 91.98.27.57:80 · testnetweb.bitads.ai
2026-01-12 04:46
HTTP/1.1 301 Moved Permanently Server: nginx/1.24.0 (Ubuntu) Date: Mon, 12 Jan 2026 04:46:58 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://testnetweb.bitads.ai/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.24.0 (Ubuntu)</center> </body> </html>
Found 2026-01-12 by HttpPluginCreate report
-
Open service 18.238.243.74:443 · bitads.ai
2026-01-10 12:48
HTTP/1.1 403 Forbidden Server: CloudFront Date: Sat, 10 Jan 2026 12:48:15 GMT Content-Type: text/html Content-Length: 919 Connection: close X-Cache: Error from cloudfront Via: 1.1 d120748dba94009201c8a9c5c612c7fc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: AMS58-P1 X-Amz-Cf-Id: T4WshUdwvJ4VkvfWRsL13sJaW3SuCkQk2q2RZC2ebh9EZbDAnyg0PA== Page title: ERROR: The request could not be satisfied <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <TITLE>ERROR: The request could not be satisfied</TITLE> </HEAD><BODY> <H1>403 ERROR</H1> <H2>The request could not be satisfied.</H2> <HR noshade size="1px"> Request blocked. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. <BR clear="all"> If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation. <BR clear="all"> <HR noshade size="1px"> <PRE> Generated by cloudfront (CloudFront) Request ID: T4WshUdwvJ4VkvfWRsL13sJaW3SuCkQk2q2RZC2ebh9EZbDAnyg0PA== </PRE> <ADDRESS> </ADDRESS> </BODY></HTML>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 49.13.126.62:443 · code.bitads.ai
2026-01-09 05:00
HTTP/1.1 302 Found Server: nginx Date: Fri, 09 Jan 2026 05:00:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.bitads.ai/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KEGJ25SY9DFPAMMN0D3R1JYP","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KEGJ25SY9DFPAMMN0D3R1JYP X-Runtime: 0.072822 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin <html><body>You are being <a href="https://code.bitads.ai/users/sign_in">redirected</a>.</body></html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 49.13.126.62:443 · code.bitads.ai
2026-01-02 12:12
HTTP/1.1 302 Found Server: nginx Date: Fri, 02 Jan 2026 12:12:43 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.bitads.ai/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KDZ9ZP1BED5CM1JRVF9SJS3E","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KDZ9ZP1BED5CM1JRVF9SJS3E X-Runtime: 0.034980 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin <html><body>You are being <a href="https://code.bitads.ai/users/sign_in">redirected</a>.</body></html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 18.238.243.12:443 · bitads.ai
2025-12-23 06:06
HTTP/1.1 403 Forbidden Server: CloudFront Date: Tue, 23 Dec 2025 06:06:22 GMT Content-Type: text/html Content-Length: 919 Connection: close X-Cache: Error from cloudfront Via: 1.1 5fee70391560223c206b9f4887737d74.cloudfront.net (CloudFront) X-Amz-Cf-Pop: AMS58-P1 X-Amz-Cf-Id: pIDZm13GU-CJlenFW_u-kaWCxhQer3b0ZspcMIQDHTJBeU7s4ZRNoQ== Page title: ERROR: The request could not be satisfied <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <TITLE>ERROR: The request could not be satisfied</TITLE> </HEAD><BODY> <H1>403 ERROR</H1> <H2>The request could not be satisfied.</H2> <HR noshade size="1px"> Request blocked. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. <BR clear="all"> If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation. <BR clear="all"> <HR noshade size="1px"> <PRE> Generated by cloudfront (CloudFront) Request ID: pIDZm13GU-CJlenFW_u-kaWCxhQer3b0ZspcMIQDHTJBeU7s4ZRNoQ== </PRE> <ADDRESS> </ADDRESS> </BODY></HTML>
Found 2025-12-23 by HttpPluginCreate report
-
Open service 49.13.126.62:443 · code.bitads.ai
2025-12-22 14:30
HTTP/1.1 302 Found Server: nginx Date: Mon, 22 Dec 2025 14:30:36 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache Content-Security-Policy: Location: https://code.bitads.ai/users/sign_in Permissions-Policy: interest-cohort=() X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Gitlab-Meta: {"correlation_id":"01KD37G8G5X11MAAZV0AX3JAJE","version":"1"} X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01KD37G8G5X11MAAZV0AX3JAJE X-Runtime: 0.102617 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=63072000 Referrer-Policy: strict-origin-when-cross-origin <html><body>You are being <a href="https://code.bitads.ai/users/sign_in">redirected</a>.</body></html>Found 2025-12-22 by HttpPluginCreate report