Domain brandeis.de
Germany
Software information
Caddy
tcp/443
Netlify
tcp/80
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-23 14:26
Last seen 2026-01-23 08:15
Open for 91 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3be1b35b1172b70b38d60526b21ccf309d41d6735GraphQL introspection enabled at /graphql Types: 231 (by kind: ENUM: 20, INPUT_OBJECT: 84, OBJECT: 115, SCALAR: 10, UNION: 2) Operations: - Query: Query | fields: i18NLocale, i18NLocales_connection, uploadFile, uploadFiles, uploadFiles_connection - Mutation: Mutation | fields: createReviewWorkflowsWorkflow, createReviewWorkflowsWorkflowStage, deleteReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflowStage Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
Found on 2026-01-23 08:15418.2 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3769b36e79f9bd3d58a3d0a699f6a2b8758c1881fGraphQL introspection enabled at /graphql Types: 229 (by kind: ENUM: 19, INPUT_OBJECT: 84, OBJECT: 114, SCALAR: 10, UNION: 2) Operations: - Query: Query | fields: i18NLocale, i18NLocales_connection, uploadFile, uploadFiles, uploadFiles_connection - Mutation: Mutation | fields: createReviewWorkflowsWorkflow, createReviewWorkflowsWorkflowStage, deleteReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflowStage Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
Found on 2026-01-16 11:16416.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa38dc820069e499bf65c92a4fc722911f2e4badd04GraphQL introspection enabled at /graphql Types: 250 (by kind: ENUM: 16, INPUT_OBJECT: 76, OBJECT: 147, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders - Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2026-01-02 16:14337.9 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aba49f4156f68043fc00d10f56505533df9104ffGraphQL introspection enabled at /graphql Types: 242 (by kind: ENUM: 14, INPUT_OBJECT: 74, OBJECT: 143, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders - Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2025-12-27 00:14326.7 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3bbd6f7315cbf3133e5d683dfa7786683b875de6fGraphQL introspection enabled at /graphql Types: 222 (by kind: ENUM: 14, INPUT_OBJECT: 65, OBJECT: 132, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders - Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2025-11-24 09:11297.3 kBytes
-
-
Open service 2a05:d014:58f:6200::259:80 · brandeis.de
2026-02-07 17:13
HTTP/1.1 301 Moved Permanently Content-Type: text/plain; charset=utf-8 Date: Sat, 07 Feb 2026 17:13:33 GMT Location: https://brandeis.de/ Server: Netlify X-Nf-Request-Id: 01KGWHGD7NQ5XNWX3M6TGKD9PC Content-Length: 35 Connection: close Redirecting to https://brandeis.de/
Found 22 hours ago by HttpPluginCreate report
-
Open service 85.215.69.115:443 · cms.brandeis.de
2026-01-23 08:15
HTTP/1.1 302 Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: Alt-Svc: h3=":443"; ma=2592000 Content-Length: 22 Content-Security-Policy: img-src 'self' data: https: blob: http:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 08:15:29 GMT Location: /admin Referrer-Policy: no-referrer Server: Caddy Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Connection: close Redirecting to /admin.
Found 2026-01-23 by HttpPluginCreate report
-
Open service 85.215.69.115:443 · cms.brandeis.de
2026-01-23 06:03
HTTP/1.1 302 Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: Alt-Svc: h3=":443"; ma=2592000 Content-Length: 22 Content-Security-Policy: img-src 'self' data: https: blob: http:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 06:03:55 GMT Location: /admin Referrer-Policy: no-referrer Server: Caddy Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Connection: close Redirecting to /admin.
Found 2026-01-23 by HttpPluginCreate report
-
Open service 85.215.69.115:443 · cms.brandeis.de
2026-01-09 09:36
HTTP/1.1 302 Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: Alt-Svc: h3=":443"; ma=2592000 Content-Length: 22 Content-Security-Policy: img-src 'self' data: https: blob: http:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 09:36:27 GMT Location: /admin Referrer-Policy: no-referrer Server: Caddy Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Connection: close Redirecting to /admin.
Found 2026-01-09 by HttpPluginCreate report
-
Open service 85.215.69.115:443 · cms.brandeis.de
2026-01-02 16:14
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: Alt-Svc: h3=":443"; ma=2592000 Content-Security-Policy: img-src 'self' data: https: blob: http:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 16:14:35 GMT Referrer-Policy: no-referrer Server: Caddy Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Connection: close Transfer-Encoding: chunked Page title: Welcome to your Strapi app <!doctype html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>Welcome to your Strapi app</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="robots" content="noindex, nofollow"> <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" /> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" /> <style> *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}} </style> </head> <body lang="en"> <section class="wrapper"> <h1><img class="logo" src="/assets/images/logo_login.png" /></h1> <div class="informations"> <div> <span class="environment">development</span> <p> The server is running successfully (<strong>v0.1.0)</strong> </p> </div> <div class="text-align-right"> <p>Fri, 02 Jan 2026 16:14:35 GMT</p> <a class="cta cta-primary" href="/admin" target="_blank" title="Click to open the administration" ><i class="fas fa-external-link-alt"></i>Open the administration</a> </div> </div> </section> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 85.215.69.115:443 · cms.brandeis.de
2025-12-23 07:02
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: Alt-Svc: h3=":443"; ma=2592000 Content-Security-Policy: img-src 'self' data: https: blob: http:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Content-Type: text/html; charset=utf-8 Date: Tue, 23 Dec 2025 07:02:54 GMT Referrer-Policy: no-referrer Server: Caddy Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Connection: close Transfer-Encoding: chunked Page title: Welcome to your Strapi app <!doctype html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>Welcome to your Strapi app</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="robots" content="noindex, nofollow"> <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" /> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" /> <style> *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}} </style> </head> <body lang="en"> <section class="wrapper"> <h1><img class="logo" src="/assets/images/logo_login.png" /></h1> <div class="informations"> <div> <span class="environment">development</span> <p> The server is running successfully (<strong>v0.1.0)</strong> </p> </div> <div class="text-align-right"> <p>Tue, 23 Dec 2025 07:02:54 GMT</p> <a class="cta cta-primary" href="/admin" target="_blank" title="Click to open the administration" ><i class="fas fa-external-link-alt"></i>Open the administration</a> </div> </div> </section> </body> </html>Found 2025-12-23 by HttpPluginCreate report