LeakIX - Host staging.grupposave.com

Domain staging.grupposave.com

Germany

Akamai International B.V.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 23.50.55.43
Domain: staging.grupposave.com
Port: 443
URL: https://staging.grupposave.com

First seen 2025-10-22 13:56
Last seen 2026-02-02 09:19
Open for 102 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2026-02-02 09:19
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374c2942e74c2942e74c2942e74c2942e74c2942e
```
GraphQL introspection enabled at /graphql
Detected: Magento
```
Found on 2026-01-23 16:52
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2df9b2641df9b2641df9b2641df9b2641df9b2641
```
GraphQL introspection enabled at /graphql/api
Detected: Magento
```
Found on 2026-01-20 21:48
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2
```
GraphQL introspection enabled at /graphql/api
```
Found on 2025-12-12 13:54

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa383f6a399c5344afbc37818d171f4c5c69eaef610

GraphQL introspection enabled at /graphql
Types: 653 (by kind: ENUM: 59, INPUT_OBJECT: 162, INTERFACE: 30, OBJECT: 397, SCALAR: 5)
Operations:
- Query: Query | fields: a3mMenus, a3mNodes, adyenPaymentMethods, adyenPaymentMethodsBalance, adyenPaymentStatus
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addGiftRegistryRegistrants, addProductsToCart
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 12:20

1.1 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2935a3f80d60f31446c57d6468ef2dfafb35c81d7

GraphQL introspection enabled at /graphql/api
Types: 653 (by kind: ENUM: 59, INPUT_OBJECT: 162, INTERFACE: 30, OBJECT: 397, SCALAR: 5)
Operations:
- Query: Query | fields: a3mMenus, a3mNodes, adyenPaymentMethods, adyenPaymentMethodsBalance, adyenPaymentStatus
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addGiftRegistryRegistrants, addProductsToCart
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-14 07:08

1.1 MBytes

Create report

Open service 23.50.55.43:443 · staging.grupposave.com

2026-01-23 16:52

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
x-debug-info: eyJyZXRyaWVzIjowfQ==
traceresponse: 00-188d6a53d028fc5cd841343ff22471e4-af8d698d738ef1a2-01
Content-Type: text/html; charset=UTF-8
x-timer: S1769187137.824723,VS0,VE104
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Pragma: no-cache
x-platform-server: i-0d264a3ae2d65a244
x-platform-server: i-0d264a3ae2d65a244
Location: https://staging.grupposave.com/it_it/
Accept-Ranges: bytes


nalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https://rum.hlx.page *.sharethis.com https://www.google.com https://www.gstatic.com https://c.paypal.com https://songbirdstag.cardinalcommerce.com https://maps.google.com https://maps.googleapis.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud static.addtoany.com connect.facebook.net *.addthis.com *.moatads.com *.addthisedge.com acsbapp.com *.acsbapp.com ecomm.sella.it ecomms2s.sella.it external.airport.ai *.cookiebot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.sharethis.com https://fonts.googleapis.com https://www.gstatic.com downloads.mailchimp.com *.fontawesome.com assets.braintreegateway.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud *.cloudflare.com external.airport.ai 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud 'self' data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.sharethis.com https://payments.sandbox.braintree-api.com api.sandbox.braintreegateway.com https://origin-analytics-sand.sandbox.braintree-api.com https://kg668dbov0.execute-api.us-east-1.amazonaws.com https://writer.cardinalcommerce.com https://vimeo.com https://maps.googleapis.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com api.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com save.local *.save.local tsf.local vbs.l

Found 2026-01-23 by HttpPlugin

Create report

Open service 23.50.55.43:443 · staging.grupposave.com

2026-01-09 10:58

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://staging.grupposave.com/it_it/
x-frame-options: SAMEORIGIN
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-01411953158d47ed2
x-platform-server: i-01411953158d47ed2


geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https://rum.hlx.page *.sharethis.com https://www.google.com https://www.gstatic.com https://c.paypal.com https://songbirdstag.cardinalcommerce.com https://maps.google.com https://maps.googleapis.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud static.addtoany.com connect.facebook.net *.addthis.com *.moatads.com *.addthisedge.com acsbapp.com *.acsbapp.com ecomm.sella.it ecomms2s.sella.it external.airport.ai *.cookiebot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.sharethis.com https://fonts.googleapis.com https://www.gstatic.com downloads.mailchimp.com *.fontawesome.com assets.braintreegateway.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud *.cloudflare.com external.airport.ai 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com save.local *.save.local tsf.local vbs.local vce.local vrn.local aeroportoverona.it trevisoairport.it veneziaairport.it aeroportodibrescia.it grupposave.it *.aeroportoverona.it *.trevisoairport.it *.veneziaairport.it *.aeroportodibrescia.it *.grupposave.it integration-5ojmyuq-xk54vbr4g326g.eu-3.magentosite.cloud integration2-hohc4oi-xk54vbr4g326g.eu-3.magentosite.cloud 'self' data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.sharethis.com https://payments.sandbox.braintree-api.com api.sandbox.braintreegateway.com https://origin-analytics-sand.sandbox.braintree-api.com https://kg668dbov0.execute-api.us-east-1.amazonaws.com https://writer.cardinalcommerce.com https://vimeo.com https://maps.googleapis.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com api.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com save.local *.save.local tsf

Found 2026-01-09 by HttpPlugin