Domain www.api.trainmore.app
Germany
-
Open service 2a00:1450:4001:829::2013:443 · www.api.trainmore.app
2026-01-10 21:25
HTTP/1.1 400 Bad Request content-type: application/json; charset=utf-8 content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-allow-origin: * access-control-allow-credentials: true etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw" x-cloud-trace-context: 85d03cc99182ebebb72b8d958647c007 date: Sat, 10 Jan 2026 21:25:57 GMT server: Google Frontend Content-Length: 406 Connection: close {"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}Found one day ago by HttpPluginCreate report
-
Open service 142.250.186.115:443 · www.api.trainmore.app
2026-01-10 21:25
HTTP/1.1 400 Bad Request content-type: application/json; charset=utf-8 content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-allow-origin: * access-control-allow-credentials: true etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw" x-cloud-trace-context: 08d60fa6c40f854c4ab72cce709fd587 date: Sat, 10 Jan 2026 21:25:57 GMT server: Google Frontend Content-Length: 406 Connection: close {"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}Found one day ago by HttpPluginCreate report
-
Open service 142.250.186.115:80 · www.api.trainmore.app
2026-01-10 21:25
HTTP/1.1 400 Bad Request content-type: application/json; charset=utf-8 content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-allow-origin: * access-control-allow-credentials: true etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw" x-cloud-trace-context: a2784f9b4cb7b7d36c8e6379ab2370c4 date: Sat, 10 Jan 2026 21:26:56 GMT server: Google Frontend Content-Length: 406 Connection: close {"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}Found one day ago by HttpPluginCreate report
-
Open service 2a00:1450:4001:829::2013:80 · www.api.trainmore.app
2026-01-10 21:25
HTTP/1.1 400 Bad Request content-type: application/json; charset=utf-8 content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 access-control-allow-origin: * access-control-allow-credentials: true etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw" x-cloud-trace-context: ce498e2af5f4321716309820afc860dc;o=1 date: Sat, 10 Jan 2026 21:26:54 GMT server: Google Frontend Content-Length: 406 Connection: close {"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}Found one day ago by HttpPluginCreate report