LeakIX - Host m246.leddirect.de

Domain m246.leddirect.de

United Kingdom

Team Blue Carrier Limited

Software information

nginx nginx

tcp/443 tcp/8443

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 94.76.223.34
Domain: m246.leddirect.de
Port: 443
URL: https://m246.leddirect.de

First seen 2025-10-28 04:53
Last seen 2026-02-09 19:22
Open for 104 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2026-02-09 19:22
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374c2942e74c2942e74c2942e74c2942e74c2942e
```
GraphQL introspection enabled at /graphql
Detected: Magento
```
Found on 2026-01-23 06:02

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff05210135362883d0be41ac99e672b290088381

GraphQL introspection enabled at /graphql
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Detected: Magento

Found on 2025-12-23 03:17

856.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f69677aabe73649a6db9fef51d08e005d1bfac85

GraphQL introspection enabled at /graphql/api
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-30 12:08

856.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2
```
GraphQL introspection enabled at /graphql/api
```
Found on 2025-11-26 05:32

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff05210135362883d0be41ac99e672b2d0460e22

GraphQL introspection enabled at /graphql
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-12 13:46

856.4 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 94.76.223.34
Domain: m246.leddirect.de
Port: 8443
URL: https://m246.leddirect.de:8443

First seen 2025-11-10 13:22
Last seen 2026-02-09 17:43
Open for 91 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2026-02-09 17:43
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374c2942e74c2942e74c2942e74c2942e74c2942e
```
GraphQL introspection enabled at /graphql
Detected: Magento
```
Found on 2026-01-23 11:06

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff05210135362883d0be41ac99e672b290088381

GraphQL introspection enabled at /graphql
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Detected: Magento

Found on 2026-01-16 11:42

856.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f69677aabe73649a6db9fef51d08e005d1bfac85

GraphQL introspection enabled at /graphql/api
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-11 07:40

856.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff05210135362883d0be41ac99e672b2d0460e22

GraphQL introspection enabled at /graphql
Types: 389 (by kind: ENUM: 28, INPUT_OBJECT: 86, INTERFACE: 20, OBJECT: 250, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-28 19:57

856.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2
```
GraphQL introspection enabled at /graphql/api
```
Found on 2025-11-27 01:59

Create report

Open service 94.76.223.34:8443 · m246.leddirect.de

2026-01-23 11:06

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 11:06:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=895m674l99e3l6hoj1el0rclhh; expires=Fri, 30 Jan 2026 11:06:22 GMT; Max-Age=604800; path=/; domain=m246.leddirect.de; secure; HttpOnly; SameSite=Lax
Location: https://www.leddirect.de/
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/monitor.bigbridgedev.nl\/csp"}]}
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com v2.zopim.com data: data: 'self' 'unsafe-inline'; form-action www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https://pay.google.com 'self'; frame-src https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com www.youtube.com www.facebook.com v2.zopim.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com https://www.mollie.com i.ytimg.com www.google.nl www.facebook.com widgets.trustedshops.com www.ledlampendirect.nl v2assets.zopim.com v2assets.zopim.io v2.zopim.com v2.zopim.io data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com chimpstatic.com widgets.trustedshops.com www.dwin1.com v2.zopim.com connect.facebook.net static.zdassets.com ekr.zdassets.com www.facebook.com checkout.buckaroo.nl 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com checkout.buckaroo.nl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com v2.zopim.com www.paypal.com stats.g.doubleclick.net ekr.zdassets.com widget-mediator.zopim.com wss://widget-mediator.zopim.com v2assets.zopim.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://monitor.bigbridgedev.nl/csp; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0

Found 2026-01-23 by HttpPlugin

Create report

Open service 94.76.223.34:443 · m246.leddirect.de

2026-01-23 06:02

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 06:02:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=houonc7k9avjva4vr5ppddde65; expires=Fri, 30 Jan 2026 06:02:48 GMT; Max-Age=604800; path=/; domain=m246.leddirect.de; secure; HttpOnly; SameSite=Lax
Location: https://www.leddirect.de/
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/monitor.bigbridgedev.nl\/csp"}]}
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com v2.zopim.com data: data: 'self' 'unsafe-inline'; form-action www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https://pay.google.com 'self'; frame-src https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com www.youtube.com www.facebook.com v2.zopim.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com https://www.mollie.com i.ytimg.com www.google.nl www.facebook.com widgets.trustedshops.com www.ledlampendirect.nl v2assets.zopim.com v2assets.zopim.io v2.zopim.com v2.zopim.io data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com chimpstatic.com widgets.trustedshops.com www.dwin1.com v2.zopim.com connect.facebook.net static.zdassets.com ekr.zdassets.com www.facebook.com checkout.buckaroo.nl 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com checkout.buckaroo.nl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com v2.zopim.com www.paypal.com stats.g.doubleclick.net ekr.zdassets.com widget-mediator.zopim.com wss://widget-mediator.zopim.com v2assets.zopim.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://monitor.bigbridgedev.nl/csp; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0

Found 2026-01-23 by HttpPlugin

Create report

Open service 94.76.223.34:8443 · m246.leddirect.de

2026-01-09 18:07

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Jan 2026 18:07:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=h7drr0mkfl9osvldnk90hoe2or; expires=Fri, 16 Jan 2026 18:07:16 GMT; Max-Age=604800; path=/; domain=m246.leddirect.de; secure; HttpOnly; SameSite=Lax
Location: https://www.leddirect.de/
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/monitor.bigbridgedev.nl\/csp"}]}
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com v2.zopim.com data: data: 'self' 'unsafe-inline'; form-action www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https://pay.google.com 'self'; frame-src https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com www.youtube.com www.facebook.com v2.zopim.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com https://www.mollie.com i.ytimg.com www.google.nl www.facebook.com widgets.trustedshops.com www.ledlampendirect.nl v2assets.zopim.com v2assets.zopim.io v2.zopim.com v2.zopim.io data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.multisafepay.com https://pay.google.com js.mollie.com chimpstatic.com widgets.trustedshops.com www.dwin1.com v2.zopim.com connect.facebook.net static.zdassets.com ekr.zdassets.com www.facebook.com checkout.buckaroo.nl 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com checkout.buckaroo.nl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com v2.zopim.com www.paypal.com stats.g.doubleclick.net ekr.zdassets.com widget-mediator.zopim.com wss://widget-mediator.zopim.com v2assets.zopim.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://monitor.bigbridgedev.nl/csp; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0

Found 2026-01-09 by HttpPlugin

Create report

m246.leddirect.de

Fingerprint:

e977a459c1d851eade5b2936d7420c7bf03d49979c1d22f9725363829b13421e

CN:

m246.leddirect.de

Key:

ECDSA-384

Issuer:

Not before:

2025-12-30 03:53

Not after:

2026-03-30 03:53

Domain summary

m246.leddirect.de 14

1 recorded

IP summary

94.76.223.34 2

1 recorded