Domain preview-cms.woo-hoo.ae
Software information
cloudflare
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-17 04:19
Last seen 2026-02-16 22:29
Open for 61 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3cac1da9f290bb12d9538c48a62f331d673df38b2GraphQL introspection enabled at /graphql Types: 16 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 9, SCALAR: 4) Operations: - Query: Query | fields: admins, content, contents Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5) Readable stores: 0
Found on 2026-02-16 22:2921.4 kBytes
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-23 08:02
Last seen 2026-02-16 22:29
Open for 116 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-16 22:29
-
-
Open service 104.21.24.129:443 · preview-cms.woo-hoo.ae
2026-01-23 15:37
HTTP/1.1 302 Found Date: Fri, 23 Jan 2026 15:37:51 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 28 Connection: close access-control-allow-origin: * location: /admin strict-transport-security: max-age=31536000; includeSubDomains vary: Accept x-frame-options: DENY x-xss-protection: 0 cf-cache-status: DYNAMIC Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Server-Timing: cfCacheStatus;desc="DYNAMIC" Server-Timing: cfEdge;dur=9,cfOrigin;dur=691 Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XmKC4RLRA5%2FuUoWZulaVmq7BvmCo7xvDbUEr%2FyyvWlBbMRVShtNMLWYkQ6anydqW8T5PiXL01mwP619S%2BNk9wfwXYbcPjpjCuvfPQgxZvMZAcVfveLc%3D"}]} Server: cloudflare CF-RAY: 9c285fe9fd1e5642-EWR alt-svc: h3=":443"; ma=86400 Found. Redirecting to /adminFound 2026-01-23 by HttpPluginCreate report
-
Open service 104.21.24.129:443 · preview-cms.woo-hoo.ae
2026-01-23 12:50
HTTP/1.1 302 Found Date: Fri, 23 Jan 2026 12:50:04 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 28 Connection: close access-control-allow-origin: * location: /admin strict-transport-security: max-age=31536000; includeSubDomains vary: Accept x-frame-options: DENY x-xss-protection: 0 cf-cache-status: DYNAMIC Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SAOYpTlOQMp04VOO4b0LR%2FZh%2FkpjBr2W%2FDLRwDkqWXlETgy87bOpFa5wD9vvWdqwoU%2BjtuAoekEmTL4nVieRGdrI%2FzoXNA3InSbyeHwqFlKBKeUryQI%3D"}]} Server: cloudflare CF-RAY: 9c276a273b1c9b4e-AMS alt-svc: h3=":443"; ma=86400 Found. Redirecting to /adminFound 2026-01-23 by HttpPluginCreate report
-
Open service 104.21.24.129:443 · preview-cms.woo-hoo.ae
2026-01-10 02:22
HTTP/1.1 302 Found Date: Sat, 10 Jan 2026 02:22:08 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 28 Connection: close access-control-allow-origin: * location: /admin strict-transport-security: max-age=31536000; includeSubDomains vary: Accept x-frame-options: DENY x-xss-protection: 0 cf-cache-status: DYNAMIC Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Server-Timing: cfCacheStatus;desc="DYNAMIC" Server-Timing: cfEdge;dur=7,cfOrigin;dur=699 Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=268JtFrKHaheMvWtlnjBe693nCJUTA%2BFISbvG9AU4Js58mb5DSnuw3LElWyqTZwneR1Ywh%2FlUCjn0%2FyWvBVp4fe%2FuZUYZCAVMUcXQvopEkwKXKSI6LM%3D"}]} Server: cloudflare CF-RAY: 9bb8b470281c1705-EWR alt-svc: h3=":443"; ma=86400 Found. Redirecting to /adminFound 2026-01-10 by HttpPluginCreate report