GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d63e930952d0dcbfa2c8ff28f32b970d8457008d26
GraphQL introspection enabled at /api/graphql Types: 600 (by kind: ENUM: 58, INPUT_OBJECT: 144, INTERFACE: 30, OBJECT: 363, SCALAR: 5) Operations: - Query: Query | fields: attributesForm, attributesList, availableStores, cart, categories - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addGiftRegistryRegistrants, addProductsToCart Directives: deprecated, include, oneOf, skip (total: 4)
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d63e930952d0dcbfa2c8ff28f32b970d848a2919d5
GraphQL introspection enabled at /api/graphql Types: 600 (by kind: ENUM: 58, INPUT_OBJECT: 144, INTERFACE: 30, OBJECT: 363, SCALAR: 5) Operations: - Query: Query | fields: attributesForm, attributesList, availableStores, cart, categories - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addGiftRegistryRegistrants, addProductsToCart Directives: deprecated, include, oneOf, skip (total: 4) Detected: Magento
Open service 151.101.195.10:443 ยท stage-iro.inspirali.com
2026-01-23 08:17
HTTP/1.1 401 Unauthorized Connection: close Content-Length: 381 x-frame-options: SAMEORIGIN www-authenticate: Basic realm="Authentication Required" content-type: text/html; charset=iso-8859-1 Accept-Ranges: bytes Date: Fri, 23 Jan 2026 08:17:39 GMT Strict-Transport-Security: max-age=31557600 set-cookie: affinity="f77c2724d0c1c14d"; Path=/; HttpOnly; secure X-Served-By: cache-fra-eddf8230047-FRA X-Cache: MISS X-Timer: S1769156259.546200,VS0,VS0,VE463 Page title: 401 Unauthorized <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Unauthorized</title> </head><body> <h1>Unauthorized</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html>