LeakIX - Host gitlab-sandbox.bfops.io

Domain gitlab-sandbox.bfops.io

Germany

AMAZON-02

Software information

nginx nginx

tcp/443

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 35.157.52.27
Domain: gitlab-sandbox.bfops.io
Port: 443
URL: https://gitlab-sandbox.bfops.io

First seen 2025-10-28 13:53
Last seen 2026-01-23 05:09
Open for 86 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d603073f8703073f8703073f8703073f8703073f87
```
GraphQL introspection enabled at /api/graphql
Detected: GitLab
```
  Found on 2026-01-23 05:09
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-12-01 17:13
Create report

Open service 35.157.52.27:443 · gitlab-sandbox.bfops.io

2026-01-23 05:09

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Jan 2026 05:09:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 111
Connection: close
Cache-Control: no-cache
Content-Security-Policy: 
Location: https://gitlab-sandbox.bfops.io/users/sign_in
Nel: {"max_age": 0}
Permissions-Policy: interest-cohort=()
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Gitlab-Meta: {"correlation_id":"01KFMM41MX6768BM6G7R2WYR29","version":"1"}
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01KFMM41MX6768BM6G7R2WYR29
X-Runtime: 0.038956
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin


<html><body>You are being <a href="https://gitlab-sandbox.bfops.io/users/sign_in">redirected</a>.</body></html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 35.157.52.27:443 · gitlab-sandbox.bfops.io

2026-01-09 13:14

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Jan 2026 13:14:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 111
Connection: close
Cache-Control: no-cache
Content-Security-Policy: 
Location: https://gitlab-sandbox.bfops.io/users/sign_in
Nel: {"max_age": 0}
Permissions-Policy: interest-cohort=()
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Gitlab-Meta: {"correlation_id":"01KEHE9T16QEYMW39G9117HD4M","version":"1"}
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01KEHE9T16QEYMW39G9117HD4M
X-Runtime: 0.035850
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin


<html><body>You are being <a href="https://gitlab-sandbox.bfops.io/users/sign_in">redirected</a>.</body></html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 35.157.52.27:443 · gitlab-sandbox.bfops.io

2026-01-02 07:36

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Jan 2026 07:36:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 111
Connection: close
Cache-Control: no-cache
Content-Security-Policy: 
Location: https://gitlab-sandbox.bfops.io/users/sign_in
Nel: {"max_age": 0}
Permissions-Policy: interest-cohort=()
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Gitlab-Meta: {"correlation_id":"01KDYT655VEYHHGFPKB7MY3223","version":"1"}
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01KDYT655VEYHHGFPKB7MY3223
X-Runtime: 0.094505
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin


<html><body>You are being <a href="https://gitlab-sandbox.bfops.io/users/sign_in">redirected</a>.</body></html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 35.157.52.27:443 · gitlab-sandbox.bfops.io

2025-12-22 13:49

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 22 Dec 2025 13:49:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 111
Connection: close
Cache-Control: no-cache
Content-Security-Policy: 
Location: https://gitlab-sandbox.bfops.io/users/sign_in
Nel: {"max_age": 0}
Permissions-Policy: interest-cohort=()
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Gitlab-Meta: {"correlation_id":"01KD355M8E2FTG3QM91ZVV2KWV","version":"1"}
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01KD355M8E2FTG3QM91ZVV2KWV
X-Runtime: 0.052415
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin


<html><body>You are being <a href="https://gitlab-sandbox.bfops.io/users/sign_in">redirected</a>.</body></html>

Found 2025-12-22 by HttpPlugin

Create report

gitlab-sandbox.bfops.ioregistry.gitlab-sandbox.bfops.io

Fingerprint:

06fd9aa0e57157bba1a33507d874413f0413078e31a46b93b847bfc4e8856972

CN:

gitlab-sandbox.bfops.io

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-28 23:38

Not after:

2026-03-28 23:38

gitlab-sandbox.bfops.ioregistry.gitlab-sandbox.bfops.io

Fingerprint:

d555ff063590ddf1013709ab03805d4e53377c60833e002e161506bc17f2d522

CN:

gitlab-sandbox.bfops.io

Key:

RSA-2048

Issuer:

R13

Not before:

2025-10-28 12:54

Not after:

2026-01-26 12:54

Domain summary

gitlab-sandbox.bfops.io 5

1 recorded

IP summary

35.157.52.27 2

1 recorded

Domain gitlab-sandbox.bfops.io

Germany

Software information

GraphQL introspection is enabled.

Create report

Create report

Create report

Create report

gitlab-sandbox.bfops.ioregistry.gitlab-sandbox.bfops.io

gitlab-sandbox.bfops.ioregistry.gitlab-sandbox.bfops.io

Domain summary

IP summary