Domain v3.api.qa.deal-engine.com
United States
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-09 13:37
Last seen 2026-01-02 05:21
Open for 23 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa317f312ffc02af3cd6dd1d4c1c6b3002b2e55a3b8GraphQL introspection enabled at /graphql Types: 258 (by kind: ENUM: 13, INPUT_OBJECT: 51, OBJECT: 177, SCALAR: 16, UNION: 1) Operations: - Query: Query | fields: clientConfiguration, clientConfigurations, hello, mappedClientConfiguration, refunds - Mutation: Mutation | fields: auth, createAndUpdateClientConfiguration, hello, refunds, updateBusinessRules - Subscription: Subscription | fields: listenRequests Directives: admin, authenticated, bidirectionalLimit, filter, hasCustomerId, hasRole, mask, paginate, parse, transform (total: 19)
Found on 2026-01-02 05:21457.2 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e98938ff393c55cd804d3ac1fea2862bedaf85b8GraphQL introspection enabled at /graphql Types: 256 (by kind: ENUM: 13, INPUT_OBJECT: 51, OBJECT: 175, SCALAR: 16, UNION: 1) Operations: - Query: Query | fields: clientConfiguration, clientConfigurations, hello, mappedClientConfiguration, refunds - Mutation: Mutation | fields: auth, createAndUpdateClientConfiguration, hello, refunds, updateBusinessRules - Subscription: Subscription | fields: listenRequests Directives: admin, authenticated, bidirectionalLimit, filter, hasCustomerId, hasRole, mask, paginate, parse, transform (total: 19)
Found on 2025-12-26 11:19453.7 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3466cb9afe0c633fd1730e6d11b095f3b4efe2268GraphQL introspection enabled at /graphql Types: 254 (by kind: ENUM: 13, INPUT_OBJECT: 51, OBJECT: 173, SCALAR: 16, UNION: 1) Operations: - Query: Query | fields: clientConfiguration, clientConfigurations, hello, mappedClientConfiguration, refunds - Mutation: Mutation | fields: auth, createAndUpdateClientConfiguration, hello, refunds, updateBusinessRules - Subscription: Subscription | fields: listenRequests Directives: admin, authenticated, bidirectionalLimit, filter, hasCustomerId, hasRole, mask, paginate, parse, transform (total: 19)
Found on 2025-12-17 04:05451.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3867406478b7bd9752e502a29b743af63fe205ef0GraphQL introspection enabled at /graphql Types: 238 (by kind: ENUM: 12, INPUT_OBJECT: 47, OBJECT: 162, SCALAR: 16, UNION: 1) Operations: - Query: Query | fields: clientConfiguration, clientConfigurations, hello, mappedClientConfiguration, refunds - Mutation: Mutation | fields: auth, createAndUpdateClientConfiguration, hello, refunds, updateBusinessRules - Subscription: Subscription | fields: listenRequests Directives: admin, authenticated, bidirectionalLimit, filter, hasCustomerId, hasRole, mask, paginate, parse, transform (total: 19)
Found on 2025-12-09 13:37429.6 kBytes
-
-
Open service 34.8.133.98:443 · v3.api.qa.deal-engine.com
2026-01-09 04:14
HTTP/1.1 400 Bad Request x-powered-by: Express access-control-allow-origin: * cache-control: no-store content-type: application/json; charset=utf-8 etag: W/"94-npaMbIB5erTaplHAdDd5m/mgtR8" x-cloud-trace-context: 700befab1d7f25376b981f1849b33be6 date: Fri, 09 Jan 2026 04:14:13 GMT server: Google Frontend Content-Length: 148 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close {"errors":[{"message":"GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.","extensions":{"code":"BAD_REQUEST"}}]}Found 2026-01-09 by HttpPluginCreate report
-
Open service 34.8.133.98:443 · v3.api.qa.deal-engine.com
2026-01-02 05:21
HTTP/1.1 400 Bad Request x-powered-by: Express access-control-allow-origin: * cache-control: no-store content-type: application/json; charset=utf-8 etag: W/"94-npaMbIB5erTaplHAdDd5m/mgtR8" x-cloud-trace-context: edc9aa457bec108b9eb67c96e864f8d9 date: Fri, 02 Jan 2026 05:21:27 GMT server: Google Frontend Content-Length: 148 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close {"errors":[{"message":"GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.","extensions":{"code":"BAD_REQUEST"}}]}Found 2026-01-02 by HttpPluginCreate report
-
Open service 34.8.133.98:443 · v3.api.qa.deal-engine.com
2025-12-22 13:36
HTTP/1.1 400 Bad Request x-powered-by: Express access-control-allow-origin: * cache-control: no-store content-type: application/json; charset=utf-8 etag: W/"94-npaMbIB5erTaplHAdDd5m/mgtR8" x-cloud-trace-context: 6feafb66ddfedcf06069b1e8a9e02a6a date: Mon, 22 Dec 2025 13:36:41 GMT server: Google Frontend Content-Length: 148 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close {"errors":[{"message":"GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.","extensions":{"code":"BAD_REQUEST"}}]}Found 2025-12-22 by HttpPluginCreate report
-
Open service 34.8.133.98:443 · v3.api.qa.deal-engine.com
2025-12-20 13:45
HTTP/1.1 400 Bad Request x-powered-by: Express access-control-allow-origin: * cache-control: no-store content-type: application/json; charset=utf-8 etag: W/"94-npaMbIB5erTaplHAdDd5m/mgtR8" x-cloud-trace-context: 2709cfa7a1dc84ea2fbc607342498b6f date: Sat, 20 Dec 2025 13:45:39 GMT server: Google Frontend Content-Length: 148 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close {"errors":[{"message":"GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.","extensions":{"code":"BAD_REQUEST"}}]}Found 2025-12-20 by HttpPluginCreate report