LeakIX - Host 75.2.43.161

Host 75.2.43.161

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Cowboy

tcp/443

Heroku

tcp/443 tcp/80

heroku-router

tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: alex.chibbs.co.uk
Port: 443
URL: https://alex.chibbs.co.uk

First seen 2025-11-12 04:13
Last seen 2026-01-12 02:54
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43a0a0e27f0caf932a9a8a33844143bc8a7d7a85ff
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /devicestatus/{spec}
DELETE /treatments/{spec}
GET /devicestatus/
GET /echo/{storage}/{spec}
GET /entries
GET /entries/{spec}
GET /profile
GET /slice/{storage}/{field}/{type}/{prefix}/{regex}
GET /status
GET /times/echo/{prefix}/{regex}
GET /times/{prefix}/{regex}
GET /treatments
```
  Found on 2026-01-12 02:54
Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 75.2.43.161
Domain: www.apolonekretnine.rs
Port: 80
URL: http://www.apolonekretnine.rs

First seen 2025-04-26 00:04
Last seen 2026-01-11 21:25
Open for 260 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109911db8cb9

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=52436
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-11 21:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099791d4c53

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=31921
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-10 21:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993369090d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-09 21:19

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916fd2b3b

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=34661
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-08 21:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d69ec2ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=45680
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-07 21:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099c5664d06

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33120
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-06 21:16

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993afc3e3c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37610
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-05 21:18

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db7dd3ed

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=50225
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-03 21:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099dd9e07a1

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=53343
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-02 21:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a4a62e46

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=28933
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-01 21:34

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a89935d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17117
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-31 21:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099626edccf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=23676
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-30 21:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109958c62e9e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=16693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-27 04:00

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d27d07f2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48768
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-24 19:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f8f15f30

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22494
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-23 01:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099eaf1add2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17306
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-20 14:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510999e2d4df4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=57061
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-18 15:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a66e6e3

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=47223
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-16 11:35

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db22135f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48019
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-12 22:02

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a3728745

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=15756
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-30 23:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a755feaf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35983
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-28 14:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109932fa21c0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=59232
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-26 12:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109906f1a89d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=54593
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-22 17:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109989ded47c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=13964
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-20 19:47

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f305e9c5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=14210
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-16 03:07

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a288b0ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37678
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-12 14:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109936d5ea99

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=36449
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-10 07:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d5977ec0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=49246
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-08 05:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099da588117

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17198
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-06 04:50

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099530b2045

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=21377
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-04 22:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916f1d901

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=12568
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-02 23:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993850ed07

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33138
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-01 20:58

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099c25359de

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=12594
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-30 21:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099dcf2e26a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35012
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-28 14:15

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510994fe799cc

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=49750
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-26 19:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510998fd010fb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=40954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-24 15:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099de250609

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=18269
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-22 20:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a866445

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=11572
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-20 21:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109941b7051a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=18053
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-18 12:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099e8bf1be2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48180
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-16 19:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099ac810346

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33458
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-14 09:26

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d5088297

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=4749
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-12 12:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997fef12b8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=6782
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-10 07:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099bc3cf539

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-08 08:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109965c839c7

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33174
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-06 06:18

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099aa1a7c29

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35264
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-04 04:39

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d19c434f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=3902
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-02 02:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109925704d76

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=44755
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-30 02:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099eba1684f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=39819
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-28 02:41

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109954132e9f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=25731
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-26 00:04

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api-staging.pilgrim.club
Port: 443
URL: https://api-staging.pilgrim.club

First seen 2025-11-12 00:04
Last seen 2026-01-11 02:59
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-11 02:59
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.thenerve.io
Port: 80
URL: http://www.thenerve.io

First seen 2025-10-23 15:07
Last seen 2026-01-11 02:48
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-11 02:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: next.tmstudios.com
Port: 80
URL: http://next.tmstudios.com

First seen 2025-11-11 03:36
Last seen 2026-01-11 02:19
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-11 02:19
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dashboard-auth.getsauce.com
Port: 80
URL: http://dashboard-auth.getsauce.com

First seen 2025-11-11 03:36
Last seen 2026-01-11 02:18
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-11 02:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: staging-ims-identity-mgt-service-be.kivunova.com
Port: 443
URL: https://staging-ims-identity-mgt-service-be.kivunova.com

First seen 2025-11-11 02:46
Last seen 2026-01-11 01:39
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bbd785dfc505e3f593f3be15a78d8bc9b53aa63a7

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/admin/stores/suppliers/remove
DELETE /company/customers/admin/delete
GET /companies/admin/details
GET /companies/superadmin/all
GET /users/profile
PATCH /companies/admin/update
PATCH /company/admin/stores/status
PATCH /company/customers/admin/update
PATCH /super/companies/admins/status
PATCH /super/companies/approve
PATCH /super/companies/status
PATCH /users/admin/update
POST /auth/authorize
POST /auth/login
POST /auth/logout
POST /auth/password/change
POST /auth/password/forgot
POST /auth/password/reset
POST /auth/refresh
POST /auth/request-verification-otp
POST /auth/resend-otp
POST /auth/validate
POST /auth/verify-email-otp
POST /company/admin/stores
POST /company/admin/stores/all
POST /company/admin/stores/assign-admin
POST /company/admin/stores/change-manager
POST /company/admin/stores/delete
POST /company/admin/stores/details
POST /company/admin/stores/list
POST /company/admin/stores/search
POST /company/admin/stores/suppliers/add
POST /company/admin/stores/unassign-admin
POST /company/admin/suppliers
POST /company/admin/suppliers/search
POST /company/admin/suppliers/update
POST /company/customers/admin/create
POST /company/customers/admin/get
POST /company/customers/admin/list
POST /onboarding/register
POST /users/admin/assign-store
POST /users/admin/company/list
POST /users/admin/create
POST /users/admin/delete
POST /users/admin/get
POST /users/admin/password/reset
POST /users/admin/remove-store
POST /users/admin/resend-verification
POST /users/admin/role
POST /users/admin/search
POST /users/admin/status
POST /users/admin/store/list
POST /users/admin/stores/list
PUT /company/admin/stores/update

Found on 2026-01-11 01:39

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bbd785dfc505e3f593f3be15a78d8bc9b2e35100f

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/admin/stores/suppliers/remove
DELETE /company/customers/admin/delete
GET /companies/admin/details
GET /companies/superadmin/all
GET /users/profile
PATCH /companies/admin/update
PATCH /company/admin/stores/status
PATCH /company/customers/admin/update
PATCH /super/companies/admins/status
PATCH /super/companies/approve
PATCH /super/companies/status
PATCH /users/admin/update
POST /auth/authorize
POST /auth/login
POST /auth/logout
POST /auth/password/change
POST /auth/password/forgot
POST /auth/password/reset
POST /auth/refresh
POST /auth/request-verification-otp
POST /auth/resend-otp
POST /auth/validate
POST /auth/verify-email-otp
POST /company/admin/stores
POST /company/admin/stores/all
POST /company/admin/stores/assign-admin
POST /company/admin/stores/delete
POST /company/admin/stores/details
POST /company/admin/stores/list
POST /company/admin/stores/search
POST /company/admin/stores/suppliers/add
POST /company/admin/stores/unassign-admin
POST /company/admin/suppliers
POST /company/admin/suppliers/search
POST /company/admin/suppliers/update
POST /company/customers/admin/create
POST /company/customers/admin/get
POST /company/customers/admin/list
POST /onboarding/register
POST /users/admin/assign-store
POST /users/admin/company/list
POST /users/admin/create
POST /users/admin/delete
POST /users/admin/get
POST /users/admin/password/reset
POST /users/admin/remove-store
POST /users/admin/resend-verification
POST /users/admin/role
POST /users/admin/search
POST /users/admin/status
POST /users/admin/store/list
POST /users/admin/stores/list
PUT /company/admin/stores/update

Found on 2025-12-16 11:44

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bbd785dfc505e3f59177b90120bae7212d75a397f

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/admin/stores/suppliers/remove
DELETE /company/customers/admin/delete
GET /users/profile
PATCH /company/admin/stores/status
PATCH /company/customers/admin/update
PATCH /super/companies/admins/status
PATCH /super/companies/approve
PATCH /super/companies/status
PATCH /users/admin/update
POST /auth/authorize
POST /auth/login
POST /auth/logout
POST /auth/password/change
POST /auth/password/forgot
POST /auth/password/reset
POST /auth/refresh
POST /auth/request-verification-otp
POST /auth/validate
POST /auth/verify-email-otp
POST /company/admin/stores
POST /company/admin/stores/assign-admin
POST /company/admin/stores/list
POST /company/admin/stores/suppliers/add
POST /company/admin/suppliers
POST /company/admin/suppliers/search
POST /company/admin/suppliers/update
POST /company/customers/admin/create
POST /company/customers/admin/get
POST /company/customers/admin/list
POST /onboarding/register
POST /users/admin/company/list
POST /users/admin/create
POST /users/admin/delete
POST /users/admin/get
POST /users/admin/password/reset
POST /users/admin/resend-verification
POST /users/admin/role
POST /users/admin/store/list
POST /users/admin/stores/list
PUT /company/admin/stores/update

Found on 2025-11-30 14:48

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b02dd390a2b2db55f27dba0f4bbf601eaa2a71815

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/customers/delete
DELETE /company/stores/suppliers/remove
GET /users/profile
GET /users/{userId}
PATCH /company/customers/update
PATCH /company/stores/status
PATCH /super/companies/admins/status
PATCH /super/companies/approve
PATCH /super/companies/status
PATCH /users/update
POST /auth/login
POST /auth/logout
POST /auth/password/change
POST /auth/password/forgot
POST /auth/password/reset
POST /auth/refresh
POST /auth/request-verification-otp
POST /auth/validate
POST /auth/verify-email-otp
POST /company/customers
POST /company/customers/get
POST /company/customers/list
POST /company/stores
POST /company/stores/admin
POST /company/stores/suppliers/add
POST /company/suppliers
POST /company/suppliers/search
POST /company/suppliers/update
POST /onboarding/register
POST /users
POST /users/company/list
POST /users/password/admin-change
POST /users/resend-verification
POST /users/role
POST /users/store/list
PUT /company/stores/update

Found on 2025-11-16 23:42

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b02dd390a2b2db55f27dba0f4bbf601eae4a29a2c

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/customers/delete
DELETE /company/stores/suppliers/remove
GET /users/profile
GET /users/{userId}
PATCH /company/customers/update
PATCH /company/stores/status
PATCH /super/companies/admins/status
PATCH /super/companies/approve
PATCH /super/companies/status
PATCH /users/update
POST /auth/login
POST /auth/logout
POST /auth/password/change
POST /auth/password/forgot
POST /auth/password/reset
POST /auth/refresh
POST /auth/validate
POST /company/customers
POST /company/customers/get
POST /company/customers/list
POST /company/stores
POST /company/stores/admin
POST /company/stores/suppliers/add
POST /company/suppliers
POST /company/suppliers/search
POST /company/suppliers/update
POST /onboarding/register
POST /users
POST /users/company/list
POST /users/password/admin-change
POST /users/resend-verification
POST /users/role
POST /users/store/list
POST /users/verify-email
PUT /company/stores/update

Found on 2025-11-14 23:17

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: services.powerpop.ai
Port: 443
URL: https://services.powerpop.ai

First seen 2025-11-20 06:44
Last seen 2026-01-10 17:49
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 17:49
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pim.bartsparts.nl
Port: 443
URL: https://pim.bartsparts.nl

First seen 2025-11-07 01:06
Last seen 2026-01-10 02:43
Open for 64 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-10 02:43

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 15.197.129.158
Domain: api.fantati.it
Port: 80
URL: http://api.fantati.it

First seen 2025-11-28 01:42
Last seen 2026-01-10 02:43
Open for 43 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3dfad9413d

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase
POST /api/shops/redeem/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}
PUT /api/goals/daily/players/{playerId}

Found on 2026-01-10 02:43

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3df651b8a2

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase
POST /api/shops/redeem/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2026-01-02 06:47

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3d9f360cf6

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2025-12-26 08:55

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3de295a10a

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2025-12-11 15:10

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3d2ffc59c5

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/forms/{id}

Found on 2025-12-01 14:54

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: ctr-prod-api.makehelsinki.com
Port: 443
URL: https://ctr-prod-api.makehelsinki.com

First seen 2025-11-21 00:29
Last seen 2026-01-10 02:36
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 02:36
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: preprod-bokslink-api.boks.app
Port: 443
URL: https://preprod-bokslink-api.boks.app

First seen 2025-10-20 01:07
Last seen 2026-01-10 02:27
Open for 82 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495dcf96021d090d403dc8079fd32fc6e13295f002

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/click-and-collect/pre-bookings/{preBookingId}
DELETE /api/sites/{siteId}/configurations/{key}
GET /api/boks
GET /api/boks/single
GET /api/boks/{boksId}
GET /api/boks/{boksId}/keyboard-code
GET /api/click-and-collect/locate
GET /api/click-and-collect/pre-bookings
GET /api/parcel-deliveries
GET /api/parcel-deliveries/canceled
GET /api/parcel-deliveries/retrieved
GET /api/pcbs/single
GET /api/sites/group-names
GET /api/sites/{siteId}
GET /api/user-boks-associations
GET /api/users
GET /api/users/{userId}
POST /api/boks/disassemble
POST /api/click-and-collect/carrier-loadings/{operationId}/drop
POST /api/meta-sites
POST /api/parcel-deliveries/click-and-collect/carrier-loading-operations
POST /api/parcel-deliveries/retrieve
POST /api/parcel-deliveries/{parcelDeliveryId}/cancel
POST /api/parcel-deliveries/{parcelDeliveryId}/deliver
POST /api/parcel-deliveries/{parcelDeliveryId}/drop
POST /api/parcel-deliveries/{parcelDeliveryId}/retrieve
POST /api/remote-ble-deliveries
POST /api/sites
POST /api/sites/{siteId}/configurations
POST /api/sites/{siteId}/manager-invitations
POST /api/support-tickets
POST /api/support-tickets/{supportTicketId}/maintenance-actions
POST /api/support-tickets/{supportTicketId}/return-actions
POST /api/support-tickets/{supportTicketId}/shipping-actions
POST /your-configured-webhook-path-on-your-server-for-cell-loading
POST /your-configured-webhook-path-on-your-server-for-cell-retrieved
PUT /api/parcel-deliveries/{parcelDeliveryId}
PUT /api/user-boks-associations/{userBoksAssociationId}

Found on 2026-01-10 02:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: herohealth.net
Port: 443
URL: https://herohealth.net

First seen 2025-11-08 01:22
Last seen 2026-01-10 02:15
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 02:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: services.powerpop.ai
Port: 80
URL: http://services.powerpop.ai

First seen 2025-11-20 06:44
Last seen 2026-01-10 01:59
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:59
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.boks.app
Port: 80
URL: http://api.boks.app

First seen 2025-11-06 17:50
Last seen 2026-01-10 01:53
Open for 64 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495dcf96021d090d403dc8079fd32fc6e13295f002

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/click-and-collect/pre-bookings/{preBookingId}
DELETE /api/sites/{siteId}/configurations/{key}
GET /api/boks
GET /api/boks/single
GET /api/boks/{boksId}
GET /api/boks/{boksId}/keyboard-code
GET /api/click-and-collect/locate
GET /api/click-and-collect/pre-bookings
GET /api/parcel-deliveries
GET /api/parcel-deliveries/canceled
GET /api/parcel-deliveries/retrieved
GET /api/pcbs/single
GET /api/sites/group-names
GET /api/sites/{siteId}
GET /api/user-boks-associations
GET /api/users
GET /api/users/{userId}
POST /api/boks/disassemble
POST /api/click-and-collect/carrier-loadings/{operationId}/drop
POST /api/meta-sites
POST /api/parcel-deliveries/click-and-collect/carrier-loading-operations
POST /api/parcel-deliveries/retrieve
POST /api/parcel-deliveries/{parcelDeliveryId}/cancel
POST /api/parcel-deliveries/{parcelDeliveryId}/deliver
POST /api/parcel-deliveries/{parcelDeliveryId}/drop
POST /api/parcel-deliveries/{parcelDeliveryId}/retrieve
POST /api/remote-ble-deliveries
POST /api/sites
POST /api/sites/{siteId}/configurations
POST /api/sites/{siteId}/manager-invitations
POST /api/support-tickets
POST /api/support-tickets/{supportTicketId}/maintenance-actions
POST /api/support-tickets/{supportTicketId}/return-actions
POST /api/support-tickets/{supportTicketId}/shipping-actions
POST /your-configured-webhook-path-on-your-server-for-cell-loading
POST /your-configured-webhook-path-on-your-server-for-cell-retrieved
PUT /api/parcel-deliveries/{parcelDeliveryId}
PUT /api/user-boks-associations/{userBoksAssociationId}

Found on 2026-01-10 01:53

Create report

Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 75.2.43.161
Domain: notification.dev.ensembl.sbs
Port: 80
URL: http://notification.dev.ensembl.sbs/_profiler/empty/search/results

First seen 2025-08-27 00:41
Last seen 2026-01-10 01:48
Open for 136 days
- Fingerprint: 407cf4363b0e62fafca67e075489103a5489103a5489103a5489103a5489103a
```
Symfony profiler enabled:
http://notification.dev.ensembl.sbs/_profiler/empty/search/results
```
  Found on 2026-01-10 01:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: tilaus-back.medfanet.fi
Port: 80
URL: http://tilaus-back.medfanet.fi

First seen 2025-11-13 03:33
Last seen 2026-01-10 01:35
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e58503b1d79df7998ee9da431837ff5a563d6585f1
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers/{customerId}/archive
GET /consumption-plans/{id}
GET /orders/all/{customerId}
GET /orders/lockers
GET /orders/proposals/{proposalId}
GET /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers
GET /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers/{customerId}
GET /products
GET /products/search
GET /products/{urlCode}
GET /products/{urlCode}/related
GET /users/current
GET /users/logout
POST /consumption-plans
POST /orders
POST /orders/modified
POST /orders/proposals
POST /orders/proposals/{proposalId}/consumed
POST /public/users/login
POST /public/users/new-password
```
  Found on 2026-01-10 01:35
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2025-12-21 04:30
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.onlineshop.name
Port: 443
URL: https://api.onlineshop.name

First seen 2025-11-10 21:27
Last seen 2026-01-10 01:23
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc304f3b80b3def0d562e18ef1af02022f7481b9a

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/cartItems/{productId}
DELETE /v1/orderItems/{orderItemId}
DELETE /v1/orders/cancel/{orderId}
GET /v1/cartItems
GET /v1/carts
GET /v1/categories
GET /v1/favorites
GET /v1/orders/ordersHistory/{userId}
GET /v1/orders/toOrder
GET /v1/orders/{orderId}
GET /v1/products
GET /v1/products/getAllProductForUser
GET /v1/products/getProductsByCriteria
GET /v1/products/getTopFiveProducts
GET /v1/products/updateProductDiscount/{productId}/{newDiscount}
GET /v1/statistics/pendingPayment/{days}
GET /v1/statistics/topCanceled
GET /v1/statistics/topSold
GET /v1/users/admin/all
GET /v1/users/confirmation
GET /v1/users/renew/{email}
POST /v1/favorites/{productId}
POST /v1/orders/confirm/{orderId}/{payMethod}
POST /v1/statistics/profit
POST /v1/users/login
POST /v1/users/register
PUT /v1/categories/{categoryId}
PUT /v1/orderItems
PUT /v1/products/{productId}
PUT /v1/users/{userId}

Found on 2026-01-10 01:23

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc304f3b80b3def0d562e18ef1af0202276b32352

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/cartItems/{productId}
DELETE /v1/orderItems/{orderItemId}
DELETE /v1/orders/cancel/{orderId}
GET /v1/cartItems
GET /v1/carts
GET /v1/carts/toOrder
GET /v1/categories
GET /v1/favorites
GET /v1/orders/ordersHistory/{userId}
GET /v1/orders/{orderId}
GET /v1/products
GET /v1/products/getAllProductForUser
GET /v1/products/getProductsByCriteria
GET /v1/products/getTopFiveProducts
GET /v1/products/updateProductDiscount/{productId}/{newDiscount}
GET /v1/statistics/pendingPayment/{days}
GET /v1/statistics/topCanceled
GET /v1/statistics/topSold
GET /v1/users/admin/all
GET /v1/users/confirmation
GET /v1/users/renew/{email}
POST /v1/favorites/{productId}
POST /v1/orders/confirm/{orderId}/{payMethod}
POST /v1/statistics/profit
POST /v1/users/login
POST /v1/users/register
PUT /v1/categories/{categoryId}
PUT /v1/orderItems
PUT /v1/products/{productId}
PUT /v1/users/{userId}

Found on 2025-12-16 21:02

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc304f3b80b3def0db71938d0b9488568383da9e2

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/cartItems/{productId}
DELETE /v1/orderItems/{orderItemId}
GET /v1/cartItems
GET /v1/carts
GET /v1/carts/toOrder
GET /v1/categories
GET /v1/favorites
GET /v1/orders/cancel/{orderId}
GET /v1/orders/confirm/{orderId}/{payMethod}
GET /v1/orders/ordersHistory/{userId}
GET /v1/orders/{orderId}
GET /v1/products
GET /v1/products/getAllProductForUser
GET /v1/products/getProductsByCriteria
GET /v1/products/getTopFiveProducts
GET /v1/products/updateProductDiscount/{productId}/{newDiscount}
GET /v1/statistics/pendingPayment/{days}
GET /v1/statistics/topCanceled
GET /v1/statistics/topSold
GET /v1/users/confirmation
GET /v1/users/renew/{email}
POST /v1/favorites/{productId}
POST /v1/orders
POST /v1/statistics/profit
POST /v1/users/login
POST /v1/users/register
PUT /v1/categories/{categoryId}
PUT /v1/orderItems
PUT /v1/products/{productId}
PUT /v1/users/{userId}

Found on 2025-11-26 03:56

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc304f3b80b3def0db71938d0b9488568e59582ac

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/cartItems/{productId}
DELETE /v1/orderItems/{orderItemId}
GET /v1/cartItems
GET /v1/carts
GET /v1/carts/toOrder
GET /v1/categories
GET /v1/favorites
GET /v1/favorites/{productId}
GET /v1/orders/cancel/{orderId}
GET /v1/orders/confirm/{orderId}/{payMethod}
GET /v1/orders/ordersHistory/{userId}
GET /v1/orders/{orderId}
GET /v1/products
GET /v1/products/getAllProductForUser
GET /v1/products/getProductsByCriteria
GET /v1/products/getTopFiveProducts
GET /v1/products/updateProductDiscount/{productId}/{newDiscount}
GET /v1/statistics/pendingPayment/{days}
GET /v1/statistics/topCanceled
GET /v1/statistics/topSold
GET /v1/users/confirmation
GET /v1/users/renew/{email}
POST /v1/orders
POST /v1/statistics/profit
POST /v1/users/login
POST /v1/users/register
PUT /v1/categories/{categoryId}
PUT /v1/orderItems
PUT /v1/products/{productId}
PUT /v1/users/{userId}

Found on 2025-11-16 02:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: integration-preprod.pivotapp.ai
Port: 443
URL: https://integration-preprod.pivotapp.ai

First seen 2025-11-20 01:22
Last seen 2026-01-10 01:06
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b58f0cb59ef9c7d6fb26211b900a7ca4100a7ca41
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /integrations/{integrationName}/oauth
GET /integrations/{integrationName}/oauth/authorize
GET /open-integrations/configuration
POST /integrations/{integrationName}/webhook
```
  Found on 2026-01-10 01:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: test.relacja-app.pl
Port: 443
URL: https://test.relacja-app.pl

First seen 2025-11-10 02:12
Last seen 2026-01-10 01:03
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:03
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: rbce-api-prod.goudsmit.tech
Port: 443
URL: https://rbce-api-prod.goudsmit.tech

First seen 2025-10-23 00:12
Last seen 2026-01-10 01:01
Open for 79 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354920ca566a53247da246553176b986b32f4349d7b1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Order/{OrderId}
GET /api/Audit/LogsByCompanyId
GET /api/Audit/LogsByUserId
GET /api/Files/DownloadFiles
POST /DocFile
POST /api/Board/AddErrorCode
POST /api/Board/Assignees
POST /api/Board/ChangeStatus
POST /api/Board/DeductPartStock
POST /api/Board/FetchErrorCode
POST /api/Board/FetchOrdersByTimeline
POST /api/Board/FetchOrdersbyStatus
POST /api/Board/OrdersCountByStatus
POST /api/Board/OrdersForNext30Days
POST /api/Board/StockAvailable
POST /api/Board/StockCountForParts
POST /api/Board/StockCountForProducts
POST /api/Board/UpdateIndexPositions
POST /api/Client/AddClients
POST /api/Client/DeleteClients
POST /api/Client/FetchClient
POST /api/Client/FetchClients
POST /api/Client/FetchClientsById
POST /api/Client/SearchClientContacts
POST /api/Client/UpdateClients
POST /api/EC2/start-instance
POST /api/EC2/stop-instance
POST /api/Files/UploadToS3
POST /api/Order/AddComments
POST /api/Order/AddLocation
POST /api/Order/AddWarehouse
POST /api/Order/CreateOrders
POST /api/Order/DeleteComment
POST /api/Order/FetchComments
POST /api/Order/FetchOrderByUser
POST /api/Order/FetchOrdersbyId
POST /api/Order/FetchTeam
POST /api/Order/FetchUserByTeamId
POST /api/Order/FetchWarehouse
POST /api/Order/OrderAwaitingStock
POST /api/Order/SearchContact
POST /api/Order/UpdateOrder
POST /api/Products/ComposeProducts
POST /api/Products/CreatePart
POST /api/Products/DeletePart
POST /api/Products/DeleteProduct
POST /api/Products/FetchParts
POST /api/Products/FetchPartsById
POST /api/Products/FetchProduct
POST /api/Products/FetchProductById
POST /api/Products/FetchProductParts
POST /api/Products/SuggestedPart
POST /api/Products/SuggestedProduct
POST /api/Products/UpdatePart
POST /api/Products/UpdatePartStock
POST /api/Products/UpdateProduct
POST /api/Products/UpdateProductStock
POST /api/Stock/AddPartToPurchaseOrder
POST /api/Stock/AdvisedPartPurchasing
POST /api/Stock/CreatePurchasingOrders
POST /api/Stock/FetchPartsBySupplier
POST /api/Stock/FetchPurchasingOrders
POST /api/Stock/FetchPurchasingOrdersById
POST /api/Stock/LastPurchase
POST /api/Stock/PurchaseOrderDelivered
POST /api/Stock/UpdatePurchasingOrder
POST /api/Stock/UpdateStock
POST /api/Supplier/AddSupplier
POST /api/Supplier/DeleteSupplier
POST /api/Supplier/FetchSuppliers
POST /api/Supplier/FetchSuppliersById
POST /api/Supplier/UpdateSuppliers
POST /api/User/CalendarDataUpdate
POST /api/User/ChangePassword
POST /api/User/Create
POST /api/User/Delete
POST /api/User/FetchProfileById
POST /api/User/FetchRole
POST /api/User/FetchRolemodule
POST /api/User/FetchUserById
POST /api/User/FetchUsers
POST /api/User/ForgotPassword
POST /api/User/Login
POST /api/User/Logout
POST /api/User/SendEmail
POST /api/User/Update
POST /api/User/UpdateProfile
POST /api/User/UpdateRoleAccess
POST /api/User/VerifySignup

Found on 2026-01-10 01:01

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.been-journal.co
Port: 443
URL: https://api.been-journal.co

First seen 2025-11-16 00:54
Last seen 2026-01-10 00:57
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d45947bff0b67d5e114ddee6a632a2ca36fa9

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/google-auth-status
GET /auth/logout
GET /checklists/categories
GET /checklists/templates
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /trips/{trip_id}/checklists
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
PATCH /trips/{trip_id}/checklists/{checklist_id}/items/{item_id}
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /checklists/templates/{template_id}
PUT /trips/{trip_id}/checklists/{checklist_id}
PUT /wishlist/{item_id}

Found on 2026-01-10 00:57

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d45947bff0b67d5e114dd54339c71185a3689

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/google-auth-status
GET /auth/logout
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /wishlist/{item_id}

Found on 2025-12-12 21:22

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.wrongsecrets.com
Port: 443
URL: https://www.wrongsecrets.com

First seen 2025-12-07 01:15
Last seen 2026-01-10 00:53
Open for 33 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-10 00:53
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: integration-demo.pivotapp.ai
Port: 80
URL: http://integration-demo.pivotapp.ai

First seen 2025-11-20 01:21
Last seen 2026-01-10 00:26
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b58f0cb59ef9c7d6fb26211b900a7ca4100a7ca41
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /integrations/{integrationName}/oauth
GET /integrations/{integrationName}/oauth/authorize
GET /open-integrations/configuration
POST /integrations/{integrationName}/webhook
```
  Found on 2026-01-10 00:26
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.staging.wearecareless.com
Port: 80
URL: http://api.staging.wearecareless.com

First seen 2025-11-17 00:47
Last seen 2026-01-10 00:18
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 00:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 15.197.129.158
Domain: api.akorno.com
Port: 80
URL: http://api.akorno.com

First seen 2025-12-09 01:41
Last seen 2026-01-10 00:12
Open for 31 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-10 00:12

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 22:15

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bfc9873f7656227b6de3705fdc6b62c3b64cdda00

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-09 01:41

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-09 01:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: mayfield.herohealth.net
Port: 443
URL: https://mayfield.herohealth.net

First seen 2025-10-17 13:19
Last seen 2026-01-09 23:44
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:44
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: ccapi.constructioncure.com
Port: 443
URL: https://ccapi.constructioncure.com

First seen 2025-11-20 19:07
Last seen 2026-01-09 23:25
Open for 50 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d6079859ea4f

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/stats/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/stats/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/members/{id}/stats/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/stats/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/stats/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/unpaid-time/stats/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/stats/paid/
GET /me/stats/time/
GET /me/stats/unpaid/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2026-01-09 23:25

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607380e60c8

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-21 10:27

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607308adc73

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-01 05:01

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.herohealth.net
Port: 443
URL: https://www.herohealth.net

First seen 2025-11-10 00:31
Last seen 2026-01-09 23:14
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:14
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: tilaus-back.medfanet.fi
Port: 443
URL: https://tilaus-back.medfanet.fi

First seen 2025-11-13 03:33
Last seen 2026-01-09 23:01
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e58503b1d79df7998ee9da431837ff5a563d6585f1
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers/{customerId}/archive
GET /consumption-plans/{id}
GET /orders/all/{customerId}
GET /orders/lockers
GET /orders/proposals/{proposalId}
GET /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers
GET /organizations/{organizationId}/units/{unitId}/clients/{clientId}/customers/{customerId}
GET /products
GET /products/search
GET /products/{urlCode}
GET /products/{urlCode}/related
GET /users/current
GET /users/logout
POST /consumption-plans
POST /orders
POST /orders/modified
POST /orders/proposals
POST /orders/proposals/{proposalId}/consumed
POST /public/users/login
POST /public/users/new-password
```
  Found on 2026-01-09 23:01
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: conversor-server.biglelegal.com
Port: 80
URL: http://conversor-server.biglelegal.com

First seen 2025-11-17 00:26
Last seen 2026-01-09 22:08
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 22:08
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.beenly.world
Port: 443
URL: https://api.beenly.world

First seen 2025-11-09 12:55
Last seen 2026-01-09 22:07
Open for 61 days

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d45947bff0b67d5e114ddee6a632a2ca36fa9

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/google-auth-status
GET /auth/logout
GET /checklists/categories
GET /checklists/templates
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /trips/{trip_id}/checklists
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
PATCH /trips/{trip_id}/checklists/{checklist_id}/items/{item_id}
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /checklists/templates/{template_id}
PUT /trips/{trip_id}/checklists/{checklist_id}
PUT /wishlist/{item_id}

Found on 2026-01-09 22:07

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d45947bff0b67d5e114dd54339c71185a3689

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/google-auth-status
GET /auth/logout
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /wishlist/{item_id}

Found on 2025-12-12 16:55

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d4594dabddc423cc7eadc39dd979f039ea380

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/logout
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /wishlist/{item_id}

Found on 2025-11-09 12:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: carelessapi.staging.sakur.se
Port: 443
URL: https://carelessapi.staging.sakur.se

First seen 2025-11-19 00:22
Last seen 2026-01-09 21:36
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 21:36
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: builder-api.local.fr
Port: 80
URL: http://builder-api.local.fr

First seen 2025-10-25 13:26
Last seen 2026-01-09 21:00
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 21:00
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.wayflow-hub.com
Port: 80
URL: http://api.wayflow-hub.com

First seen 2025-11-24 03:45
Last seen 2026-01-09 20:20
Open for 46 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839680286c20

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /overview/monthly-vehicle-reports
GET /overview/stats
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-09 20:20

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839695fa1cc9

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-03 00:47

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.promotifyai.com
Port: 443
URL: https://api.promotifyai.com

First seen 2025-11-27 00:38
Last seen 2026-01-09 20:17
Open for 43 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 20:17
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.wayflow-kel.com
Port: 443
URL: https://api.wayflow-kel.com

First seen 2025-10-20 00:16
Last seen 2026-01-09 20:10
Open for 81 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e527dc478bb83ac51d12cf14bf7ea337eff98a2398

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/terrains/{terrainId}/domains/{domainId}
DELETE /api/terrains/{terrainId}/domains/{domainId}/predicates/{predicateId}
GET /api/configs/area-status
GET /api/configs/asset-types
GET /api/configs/constraint-types
GET /api/configs/domain-types
GET /api/configs/ground-types
GET /api/configs/measurement-types
GET /api/configs/predicate-types
GET /api/mqtt/config/connection
GET /api/mqtt/config/full
GET /api/mqtt/config/health
GET /api/mqtt/config/topics
GET /api/mqtt/health
GET /api/mqtt/ping
GET /api/mqtt/reconnect
GET /api/mqtt/status
GET /api/terrains
GET /api/terrains/{terrainId}
GET /api/terrains/{terrainId}/domains
GET /form
GET /sse/restrictions
POST /match
PUT /api/terrains/{terrainId}/area-constraints
PUT /api/terrains/{terrainId}/domains/{domainId}/predicates/access-time-window
PUT /api/terrains/{terrainId}/domains/{domainId}/predicates/speed-limit
PUT /api/terrains/{terrainId}/move/{newParentId}

Found on 2026-01-09 20:10

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: loenberegner.dora-apps.com
Port: 443
URL: https://loenberegner.dora-apps.com

First seen 2025-12-01 08:41
Last seen 2026-01-09 20:06
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549382a10ba889058dd781bb1940e538662307fe334
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /teams
GET /teams/stats
GET /teams/{id}
GET /teams/{id}/users
POST /api/v1/auth/forgot-password
POST /api/v1/auth/reset-password
POST /api/v1/auth/verify-reset-token
```
  Found on 2026-01-09 20:06
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-12-09 19:20
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: integration-demo.pivotapp.ai
Port: 443
URL: https://integration-demo.pivotapp.ai

First seen 2025-11-20 01:21
Last seen 2026-01-09 19:37
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b58f0cb59ef9c7d6fb26211b900a7ca4100a7ca41
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /integrations/{integrationName}/oauth
GET /integrations/{integrationName}/oauth/authorize
GET /open-integrations/configuration
POST /integrations/{integrationName}/webhook
```
  Found on 2026-01-09 19:37
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.staging.wearecareless.com
Port: 443
URL: https://api.staging.wearecareless.com

First seen 2025-11-17 00:47
Last seen 2026-01-09 18:43
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 18:43
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: nightscout.lagerweij.com
Port: 443
URL: https://nightscout.lagerweij.com

First seen 2025-11-21 02:00
Last seen 2026-01-09 18:29
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43a0a0e27f0caf932a9a8a33844143bc8a7d7a85ff
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /devicestatus/{spec}
DELETE /treatments/{spec}
GET /devicestatus/
GET /echo/{storage}/{spec}
GET /entries
GET /entries/{spec}
GET /profile
GET /slice/{storage}/{field}/{type}/{prefix}/{regex}
GET /status
GET /times/echo/{prefix}/{regex}
GET /times/{prefix}/{regex}
GET /treatments
```
  Found on 2026-01-09 18:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: ih-five9.ironhack.tech
Port: 443
URL: https://ih-five9.ironhack.tech

First seen 2025-11-25 01:34
Last seen 2026-01-09 18:28
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 18:28
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.devcase.test.sytac.io
Port: 443
URL: https://api.devcase.test.sytac.io

First seen 2025-11-20 00:02
Last seen 2026-01-09 18:11
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 18:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: minmemoria-api.vilmer.no
Port: 80
URL: http://minmemoria-api.vilmer.no

First seen 2025-10-20 00:07
Last seen 2026-01-09 17:55
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:55
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dev.api.cron.hotlens.com
Port: 443
URL: https://dev.api.cron.hotlens.com

First seen 2025-10-19 01:40
Last seen 2026-01-09 17:54
Open for 82 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035490ebde8ccd85bd0ab906a04ab50e787e5c6172f34

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Currency/backoffice/crypto
GET /api/Currency/backoffice/crypto-exchange-update
GET /api/Currency/backoffice/crypto-fiat-exchange
GET /api/Currency/backoffice/crypto-fulltext
GET /api/Currency/backoffice/fiat
GET /api/Currency/backoffice/fiat-fulltext
GET /api/Currency/backoffice/possible-crypto
GET /api/Currency/backoffice/possible-fiat
GET /api/Currency/crypto
GET /api/PlayerCurrency
GET /api/PlayerCurrency/backoffice
HEAD /api/Currency/health-check
HEAD /api/GamesCurrency/health-check
HEAD /api/PlayerCurrency/health-check
HEAD /api/WalletsCurrency/health-check
PUT /api/GamesCurrency/backoffice/block-crypto-currency
PUT /api/GamesCurrency/backoffice/block-fiat-currency
PUT /api/GamesCurrency/backoffice/unblock-crypto-currency
PUT /api/GamesCurrency/backoffice/unblock-fiat-currency
PUT /api/PlayerCurrency/backoffice/switch-fiat
PUT /api/PlayerCurrency/switch-fiat
PUT /api/WalletsCurrency/backoffice/block-crypto-deposit
PUT /api/WalletsCurrency/backoffice/block-crypto-withdrawal
PUT /api/WalletsCurrency/backoffice/block-fiat-deposit
PUT /api/WalletsCurrency/backoffice/block-fiat-withdrawal
PUT /api/WalletsCurrency/backoffice/unblock-crypto-deposit
PUT /api/WalletsCurrency/backoffice/unblock-crypto-withdrawal
PUT /api/WalletsCurrency/backoffice/unblock-fiat-deposit
PUT /api/WalletsCurrency/backoffice/unblock-fiat-withdrawal

Found on 2026-01-09 17:54

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: annuaire-demo.devbox-sante.fr
Port: 443
URL: https://annuaire-demo.devbox-sante.fr

First seen 2025-11-09 00:31
Last seen 2026-01-09 17:51
Open for 61 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5babc16345a8b7bf5b18295c6dd88cc1337322243

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /annuaire/finess
GET /annuaire/finess/byDenominationOrFiness/{valeur}
GET /annuaire/finess/{id}
GET /annuaire/professionnels
GET /annuaire/professionnels/fullTextSearch/all/{value}
GET /annuaire/professionnels/fullTextSearch/nomComplet/{nomComplet}
GET /annuaire/professionnels/{id}
GET /api/lastUpdated
GET /nomenclatures
GET /nomenclatures/{nomenclature}
GET /nomenclatures/{nomenclature}/findByLibelle/{libelle}
GET /nomenclatures/{nomenclature}/findByLibelleOrCode/{texte}
GET /nomenclatures/{nomenclature}/fullTextSearch/{texte}
GET /nomenclatures/{nomenclature}/{valeur}
GET /statistiques/activities
GET /statistiques/currentMonth
GET /statistiques/previousMonth
POST /annuaire/finess/search
POST /annuaire/mssante/search
POST /annuaire/professionnels/search

Found on 2026-01-09 17:51

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bookings.drdoflynn.com
Port: 443
URL: https://bookings.drdoflynn.com

First seen 2025-11-08 01:22
Last seen 2026-01-09 17:42
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bookings.sloanesquaremedical.org
Port: 443
URL: https://bookings.sloanesquaremedical.org

First seen 2025-11-08 01:22
Last seen 2026-01-09 17:42
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: log-insights.triomobil.com
Port: 80
URL: http://log-insights.triomobil.com

First seen 2025-10-19 21:55
Last seen 2026-01-09 17:38
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354919b7edf0ba8daa07fbe96ca9fbe96ca9fbe96ca9
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /filterLogEvent
GET /logGroups
POST /login
```
  Found on 2026-01-09 17:38
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.datavisning.se
Port: 80
URL: http://www.datavisning.se

First seen 2025-11-08 00:52
Last seen 2026-01-09 17:02
Open for 62 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec0bb1af2f52ba82dc5e997f6cbb2b3ff1c4f31669

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /api/_search/answers
GET /api/_search/metadata
GET /api/_search/questionnaires
GET /api/_search/questions
GET /api/_search/respondants
GET /api/_search/suites
GET /api/_search/users/{query}
GET /api/account
GET /api/activate
GET /api/answers
GET /api/answers/byQuestionId/{questionID}
GET /api/answers/{id}
GET /api/authenticate
GET /api/data
GET /api/datasuite
GET /api/metadata
GET /api/metadata/{id}
GET /api/profile-info
GET /api/questionnaires
GET /api/questionnaires/exist/{title}
GET /api/questionnaires/{id}
GET /api/questions
GET /api/questions/{id}
GET /api/respondants
GET /api/respondants/{id}
GET /api/segments
GET /api/suites
GET /api/suites/{id}
GET /api/users
GET /api/users/authorities
GET /api/users/{login}
POST /api/account/change-password
POST /api/account/reset-password/finish
POST /api/account/reset-password/init
POST /api/data/excel/{delimiter}
POST /api/data/excel/{delimiter}/{suiteId}
POST /api/register
PUT /api/questionnaires/{id}/unsuite

Found on 2026-01-09 17:02

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.datavisning.se
Port: 443
URL: https://www.datavisning.se

First seen 2025-11-08 00:52
Last seen 2026-01-09 17:02
Open for 62 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec0bb1af2f52ba82dc5e997f6cbb2b3ff1c4f31669

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /api/_search/answers
GET /api/_search/metadata
GET /api/_search/questionnaires
GET /api/_search/questions
GET /api/_search/respondants
GET /api/_search/suites
GET /api/_search/users/{query}
GET /api/account
GET /api/activate
GET /api/answers
GET /api/answers/byQuestionId/{questionID}
GET /api/answers/{id}
GET /api/authenticate
GET /api/data
GET /api/datasuite
GET /api/metadata
GET /api/metadata/{id}
GET /api/profile-info
GET /api/questionnaires
GET /api/questionnaires/exist/{title}
GET /api/questionnaires/{id}
GET /api/questions
GET /api/questions/{id}
GET /api/respondants
GET /api/respondants/{id}
GET /api/segments
GET /api/suites
GET /api/suites/{id}
GET /api/users
GET /api/users/authorities
GET /api/users/{login}
POST /api/account/change-password
POST /api/account/reset-password/finish
POST /api/account/reset-password/init
POST /api/data/excel/{delimiter}
POST /api/data/excel/{delimiter}/{suiteId}
POST /api/register
PUT /api/questionnaires/{id}/unsuite

Found on 2026-01-09 17:02

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: app.powerpop.ai
Port: 80
URL: http://app.powerpop.ai

First seen 2025-11-20 06:44
Last seen 2026-01-09 17:01
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 17:01
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bart.bartsparts.com
Port: 80
URL: http://bart.bartsparts.com

First seen 2025-11-07 00:46
Last seen 2026-01-09 16:36
Open for 63 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 16:36

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bookings.herohealth.net
Port: 443
URL: https://bookings.herohealth.net

First seen 2025-10-25 01:29
Last seen 2026-01-09 16:11
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 16:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api-mdd.erika-belicova.com
Port: 443
URL: https://api-mdd.erika-belicova.com

First seen 2025-12-09 01:38
Last seen 2026-01-09 16:10
Open for 31 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d6bbd62533d19fbb146d238df46eb3a2b5
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/posts
GET /api/posts/{id}
GET /api/topics
POST /api/auth/login
POST /api/auth/register
POST /api/posts/{id}/comments
POST /api/topics/{id}/subscriptions
```
  Found on 2026-01-09 16:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dashboard.devbox-sante.fr
Port: 443
URL: https://dashboard.devbox-sante.fr

First seen 2025-10-25 01:19
Last seen 2026-01-09 16:00
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 16:00
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5234fb4afea2f53cfffd79d6a25b1dbe16fe35d49
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /admin/logs/import
GET /annuaire/activities
GET /auth/login
GET /licenses
GET /logs
GET /logs/components
GET /logs/errorCodes
GET /logs/servicePaths
GET /logs/services
GET /logs/types
POST /logs/search
```
  Found on 2026-01-02 22:23
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dashboard-auth.say2eat.com
Port: 80
URL: http://dashboard-auth.say2eat.com

First seen 2025-10-27 01:11
Last seen 2026-01-09 15:57
Open for 74 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 15:57
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 75.2.43.161
Domain: formalist.srfdigital.ch
Port: 80
URL: http://formalist.srfdigital.ch/_profiler/empty/search/results

First seen 2025-09-19 01:27
Last seen 2026-01-09 15:05
Open for 112 days
- Fingerprint: 407cf4363b0e62fafca67e07ef21e44fef21e44fef21e44fef21e44fef21e44f
```
Symfony profiler enabled:
http://formalist.srfdigital.ch/_profiler/empty/search/results
```
  Found on 2026-01-09 15:05
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: reader-gateway.paperview-services.com
Port: 443
URL: https://reader-gateway.paperview-services.com

First seen 2025-11-23 02:21
Last seen 2026-01-09 14:43
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 14:43
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: nspoh-planner.ki-app.nl
Port: 443
URL: https://nspoh-planner.ki-app.nl

First seen 2025-11-21 04:28
Last seen 2026-01-09 14:23
Open for 49 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bdff51b6aa72044f3791d1707ec0dee5e7d10b5da

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/evenement/{evenementId}/sessies/{sessieId}/extra-locaties/{id}
DELETE /api/reservering/{id}
DELETE /api/roostervrij/{id}
GET /api/account
GET /api/afas/admin
GET /api/afas/admin/connector/{connectorId}
GET /api/afas/admin/metainfo/generate
GET /api/afas/admin/metainfo/generate-update
GET /api/afas/admin/metainfo/get/{connectorId}
GET /api/afas/admin/metainfo/update/{connectorId}
GET /api/afas/overzicht/Cohort
GET /api/afas/overzicht/Dagdeel
GET /api/afas/overzicht/Deelnemer
GET /api/afas/overzicht/Evenement
GET /api/afas/overzicht/EvenementCohort
GET /api/afas/overzicht/Gebruiker
GET /api/afas/overzicht/Locatie
GET /api/afas/overzicht/Module
GET /api/afas/overzicht/ModuleCohort
GET /api/afas/overzicht/Plaats
GET /api/afas/overzicht/Project
GET /api/afas/overzicht/Sessie
GET /api/afas/overzicht/SessieKoppeling
GET /api/afas/overzicht/lws-koppeling
GET /api/afas/overzicht/lws-stagekoppeling-eenmalig
GET /api/afas/overzicht/lws-stageplek
GET /api/afas/overzicht/lws-stageplek-eenmalig
GET /api/afas/overzicht/vrije-tabel
GET /api/authenticate
GET /api/evenement/aanvraag
GET /api/evenement/aanvraag/{sbId}
GET /api/evenement/by-cohort
GET /api/evenement/by-datum
GET /api/evenement/by-ids
GET /api/evenement/by-koppelid
GET /api/evenement/by-locatie
GET /api/evenement/by-module
GET /api/evenement/by-opleiding
GET /api/evenement/extra-locatie/by-datum
GET /api/evenement/laatste-by-molule
GET /api/evenement/locatie-todo
GET /api/evenement/{evenementId}/sessies
GET /api/evenement/{evenementId}/sessies/{sessieId}
GET /api/evenement/{evenementId}/sessies/{sessieId}/deelnemers
GET /api/evenement/{evenementId}/sessies/{sessieId}/extra-locaties
GET /api/gebruiker
GET /api/module/find-all
GET /api/reservering
GET /api/roostervrij
GET /api/roostervrij/periode
GET /api/stage/koppelingen
GET /api/stage/koppelingen/{volgnummer}
GET /api/stage/plekken
GET /api/stage/todo
GET /api/vakantie
GET /api/vakantie/periode
POST /api/evenement
POST /api/evenement/aanvraag/indienen
POST /api/sessie-koppeling
PUT /api/evenement/{evenementId}

Found on 2026-01-09 14:23

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.visitgreenland.com
Port: 443
URL: https://api.visitgreenland.com

First seen 2025-12-06 00:48
Last seen 2026-01-09 14:11
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 14:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api-dev.delivast.co.za
Port: 80
URL: http://api-dev.delivast.co.za

First seen 2025-10-14 04:40
Last seen 2026-01-09 13:27
Open for 87 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 13:27
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: enlight.apptoku.com
Port: 80
URL: http://enlight.apptoku.com

First seen 2025-10-17 00:31
Last seen 2026-01-09 12:45
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff431ce6ac208ff9edfad6c4ca4fb986a8a6cb87b40b
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /events/
GET /events/archive/
GET /events/filter_options/
GET /events/{slug}/{id}/
GET /ideas/
GET /ideas/{id}/
GET /logout/
GET /user/
POST /events/{id}/attachments/
POST /events/{id}/participate/
POST /events/{id}/vote/
POST /ideas/{id}/vote/
POST /token/refresh/
```
  Found on 2026-01-09 12:45
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: timing.ltavaring.com
Port: 80
URL: http://timing.ltavaring.com

First seen 2025-11-20 00:52
Last seen 2026-01-09 12:43
Open for 50 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b75bae3acdb27a508fc4a3d1c889c91b979186029

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/admin/classifications
GET /api/admin/entries
GET /api/admin/entries/event-day/{eventDayId}
GET /api/admin/eventDays
GET /api/admin/eventDays/event/{eventId}
GET /api/admin/events
GET /api/admin/events/season/{id}
GET /api/admin/events/{id}
GET /api/admin/pilots
GET /api/admin/pilots/{id}
GET /api/admin/seasons
GET /api/admin/seasons/{id}
GET /api/admin/tracks
GET /api/admin/tracks/{id}
GET /api/classifications
GET /api/entries
GET /api/entries/event-day/{eventDayId}
GET /api/eventDays
GET /api/eventDays/event/{eventId}
GET /api/events
GET /api/events/season/{id}
GET /api/events/{id}
GET /api/pilots
GET /api/pilots/{id}
GET /api/seasons
GET /api/seasons/{id}
GET /api/timing/currentEventDay
GET /api/tracks
GET /api/tracks/{id}
POST /api/admin/classifications/delete/{id}
POST /api/admin/entries/delete/{id}
POST /api/admin/eventDays/delete/{id}
POST /api/admin/events/delete/{id}
POST /api/admin/pilots/delete/{id}
POST /api/admin/seasons/delete/{id}
POST /api/admin/tracks/delete/{id}
POST /api/timing/laps
POST /auth/login

Found on 2026-01-09 12:43

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: netlight-events-api.edgez.live
Port: 443
URL: https://netlight-events-api.edgez.live

First seen 2025-10-21 11:34
Last seen 2026-01-09 12:41
Open for 80 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110b5863c4ce4a95b72ceca4c72ceca4c72ceca4c72ceca4c
```
Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/events
GET /api/offices
```
  Found on 2026-01-09 12:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: services-test.powerpop.ai
Port: 80
URL: http://services-test.powerpop.ai

First seen 2025-11-18 14:25
Last seen 2026-01-09 12:37
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 12:37
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: minmemoria-api-stage.vilmer.no
Port: 443
URL: https://minmemoria-api-stage.vilmer.no

First seen 2025-10-19 01:49
Last seen 2026-01-09 12:25
Open for 82 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 12:25
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pos.api.dev.dbytel.com
Port: 80
URL: http://pos.api.dev.dbytel.com

First seen 2025-11-09 11:55
Last seen 2026-01-09 12:02
Open for 61 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-09 12:02

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 22:01

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba094a79a48

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-02 06:16

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba083d9d5b0

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-27 02:44

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-23 00:09

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba018f925d7

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-09 11:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: my-new.yapu.solutions
Port: 80
URL: http://my-new.yapu.solutions

First seen 2025-11-17 01:16
Last seen 2026-01-09 11:56
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 11:56
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dev.api.gamification.hotlens.com
Port: 443
URL: https://dev.api.gamification.hotlens.com

First seen 2025-11-06 01:03
Last seen 2026-01-09 10:50
Open for 64 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38ba6d8bc6b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/Other/backoffice/gamification-limits
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/referrals
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/PlayersReferral
GET /api/PlayersReferral/backoffice
GET /api/PlayersReferral/backoffice/claims
GET /api/PlayersReferral/backoffice/statistics
GET /api/PlayersReferral/claims
GET /api/PlayersReferral/statistics
GET /api/PlayersReferral/total-statistics
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/Other/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/PlayersReferral/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
POST /api/PlayersReferral/claim
PUT /api/Achievements/backoffice/achievement
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2026-01-09 10:50

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38b51008d30

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/achievement
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2026-01-06 00:11

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38bf5ba61b9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2025-12-12 23:02

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38bc28e739b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2025-11-26 19:04

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pos.api.dev.dbytel.com
Port: 443
URL: https://pos.api.dev.dbytel.com

First seen 2025-11-09 11:55
Last seen 2026-01-09 10:10
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-09 10:10

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 16:43

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba094a79a48

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-01 10:32

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba083d9d5b0

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-27 10:48

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-23 00:32

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba018f925d7

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-09 11:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bookings.olp.surgery
Port: 443
URL: https://bookings.olp.surgery

First seen 2025-11-14 00:16
Last seen 2026-01-09 09:42
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 09:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: objednavky-test.gamextrading.sk
Port: 80
URL: http://objednavky-test.gamextrading.sk

First seen 2025-10-30 18:14
Last seen 2026-01-09 09:40
Open for 70 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 09:40
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: hadrianextracarehub.htech.app
Port: 443
URL: https://hadrianextracarehub.htech.app

First seen 2025-10-22 00:46
Last seen 2026-01-09 09:32
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 09:32
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: myscore-api-dev.watercircles.no
Port: 80
URL: http://myscore-api-dev.watercircles.no

First seen 2025-11-22 01:54
Last seen 2026-01-09 09:29
Open for 48 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bbeb9623a0e5f5c89637cf61dfa9f1ce008506ffe
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/freg/{ssn}
GET /api/freg/{ssn}/all
GET /api/session/{guid}
POST /api/debt
POST /api/session/{guid}/contact
POST /api/session/{guid}/decline
```
  Found on 2026-01-09 09:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.yyuacildurum.com
Port: 80
URL: http://www.yyuacildurum.com

First seen 2025-12-05 05:23
Last seen 2026-01-09 09:20
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e54457313b2bd13cbc17ed3a2f5a28872a0908e52e
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/auth/deleteuser
GET /api/v1/auth/filter
GET /api/v1/auth/records
GET /forms/beyazdata/{recordId}
GET /forms/kirmizidata/{recordId}
GET /forms/mavidata/{recordId}
GET /forms/pembedata/{recordId}
PATCH /api/v1/users
POST /api/v1/auth/authenticate
POST /api/v1/auth/authenticateflutter
POST /api/v1/auth/registerm
```
  Found on 2026-01-09 09:20
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: mta-sts.searchsmartly.co
Port: 443
URL: https://mta-sts.searchsmartly.co

First seen 2025-10-21 00:40
Last seen 2026-01-09 08:30
Open for 80 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff438b93e2adde6a7956dcb1494afcf2f21e311aabdd

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /area-comparison
GET /areas
GET /banners
GET /deals
GET /developments/{id}
GET /developments/{id}/properties
GET /lists
GET /lists/{id}
GET /portal-users/verify-user
GET /portal-users/{id}
GET /properties
GET /properties/{id}
GET /properties/{id}/pin-data
GET /referrals/fetch
GET /requests
GET /requests/{id}
GET /schools
GET /schools/{id}
GET /search-results/{id}/pins
POST /confirm-verification-email/{id}/{token}
POST /feeds/barratt/lead/{vr_id}
POST /isochrones/
POST /lists/add_editor
POST /lists/{id}/add_favourite
POST /lists/{id}/delete_favourite
POST /lists/{id}/remove_editor
POST /lists/{id}/share
POST /portal-users/change-password
POST /portal-users/login
POST /portal-users/logout
POST /portal-users/reset-password/
POST /portal-users/reset-password/confirm/{token}/{email}
POST /portal-users/signup
POST /portal-users/update-notes
POST /portal-users/{id}/update-score
POST /referrals/refer
POST /referrals/validate
POST /referrals/voucher
POST /requests/send-enquiry
POST /requests/{id}/cancel
POST /requests/{id}/resend-event
POST /resend-verification-email/{id}/{token}
POST /send-verification-email
POST /smartscore/
POST /travel-time/
POST /user-country

Found on 2026-01-09 08:30

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: clean-cycle-api.denovo.cloud
Port: 443
URL: https://clean-cycle-api.denovo.cloud

First seen 2025-11-15 01:10
Last seen 2026-01-09 08:18
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 08:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pos.api.dbytel.com
Port: 80
URL: http://pos.api.dbytel.com

First seen 2025-11-09 11:50
Last seen 2026-01-09 08:04
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-09 08:04

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 21:26

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-11 09:11

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0e5955ed1

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/create
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/records
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-14 03:58

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.myfloquote.com
Port: 443
URL: https://api.myfloquote.com

First seen 2025-11-13 04:04
Last seen 2026-01-09 07:48
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 07:48
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pim.bartsparts-development.com
Port: 443
URL: https://pim.bartsparts-development.com

First seen 2025-11-21 01:48
Last seen 2026-01-09 07:32
Open for 49 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 07:32

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: app.tikket.be
Port: 443
URL: https://app.tikket.be

First seen 2025-11-15 03:40
Last seen 2026-01-09 07:27
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb428ce56e805e990d965e1c2ae9bf0d8090b862497

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
DELETE /organisations/{id}/reset_mollie_config/
DELETE /organisations/{id}/reset_stripe_config/
GET /events/
GET /events/{event_pk}/invites/
GET /events/{event_pk}/invites/{id}/
GET /events/{event_pk}/orders/
GET /events/{event_pk}/orders/{id}/
GET /events/{event_pk}/scannergroups/
GET /events/{event_pk}/scannergroups/{id}/
GET /events/{event_pk}/scannergroups/{scannergroup_pk}/scanners/
GET /events/{event_pk}/scannergroups/{scannergroup_pk}/scanners/{id}/
GET /events/{event_pk}/tickets/
GET /events/{event_pk}/tickettypes/
GET /events/{event_pk}/tickettypes/{id}/
GET /events/{event_pk}/validations/
GET /events/{event_pk}/webshops/
GET /events/{event_pk}/webshops/{id}/
GET /events/{event_pk}/webshops/{webshop_pk}/categories/
GET /events/{event_pk}/webshops/{webshop_pk}/categories/{category_pk}/tickets/
GET /events/{event_pk}/webshops/{webshop_pk}/categories/{category_pk}/tickets/{id}/
GET /events/{event_pk}/webshops/{webshop_pk}/categories/{id}/
GET /events/{event_pk}/webshops/{webshop_pk}/invites/
GET /events/{event_pk}/webshops/{webshop_pk}/invites/{id}/
GET /events/{event_pk}/webshops/{webshop_pk}/orders/
GET /events/{event_pk}/webshops/{webshop_pk}/orders/{id}/
GET /events/{event_pk}/webshops/{webshop_pk}/orders/{id}/pdf/
GET /events/{id}/
GET /events/{id}/stats/
GET /invites/{id}/
GET /me/
GET /organisations/
GET /organisations/{id}/
GET /organisations/{id}/mollie_auth/
GET /organisations/{id}/mollie_config/
GET /organisations/{id}/stripe_auth/
GET /organisations/{id}/stripe_config/
GET /organisations/{org_pk}/membertypes/
GET /organisations/{org_pk}/membertypes/{id}/
GET /public/memberships/{id}/
GET /public/orders/{id}/
GET /public/registrationportals/{id}/
GET /shop/{id}/
POST /events/{event_pk}/orders/{id}/resend_mail/
POST /events/{event_pk}/tickettypes/{id}/generate_tickets/
POST /events/{event_pk}/webshops/{webshop_pk}/invites/import
POST /events/{id}/duplicate/
POST /organisations/{id}/add_event/
POST /password_reset/
POST /password_reset/confirm/
POST /password_reset/validate_token/
POST /public/orders/{id}/personalize/
POST /public/registrationportals/{id}/register_member/
POST /scan/register/
POST /scan/validate/
POST /shop/{id}/create_order/
POST /token/
POST /token/refresh/
POST /webhooks/mollie/payment/{payment_id}/
POST /webhooks/stripe/
PUT /events/{event_pk}/tickets/{id}/
PUT /events/{event_pk}/tickettypes/{id}/set_header_image/
PUT /events/{event_pk}/webshops/{id}/set_background_image/
PUT /organisations/{id}/set_mollie_profile/

Found on 2026-01-09 07:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.vaulty.site
Port: 443
URL: https://api.vaulty.site

First seen 2025-11-17 00:26
Last seen 2026-01-09 06:59
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a36c50fc35

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/me
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2026-01-09 06:59

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a32311aae5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/canLeaveReview
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/getUserInfoBySession
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2025-11-30 20:15

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.enlight.apptoku.com
Port: 80
URL: http://api.enlight.apptoku.com

First seen 2025-10-17 00:31
Last seen 2026-01-09 05:56
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff431ce6ac208ff9edfad6c4ca4fb986a8a6cb87b40b
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /events/
GET /events/archive/
GET /events/filter_options/
GET /events/{slug}/{id}/
GET /ideas/
GET /ideas/{id}/
GET /logout/
GET /user/
POST /events/{id}/attachments/
POST /events/{id}/participate/
POST /events/{id}/vote/
POST /ideas/{id}/vote/
POST /token/refresh/
```
  Found on 2026-01-09 05:56
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: pim.bartsparts-development.com
Port: 80
URL: http://pim.bartsparts-development.com

First seen 2025-11-21 01:48
Last seen 2026-01-09 05:25
Open for 49 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 05:25

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: staging.catalog-api.visionstrust.com
Port: 443
URL: https://staging.catalog-api.visionstrust.com

First seen 2025-12-09 01:13
Last seen 2026-01-09 05:24
Open for 31 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:24
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bak-wisdom.pagodalog.com
Port: 443
URL: https://bak-wisdom.pagodalog.com

First seen 2025-11-23 03:41
Last seen 2026-01-09 05:02
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:02
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.hvemsahva.no
Port: 443
URL: https://api.hvemsahva.no

First seen 2025-11-25 01:15
Last seen 2026-01-09 04:13
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b2794c2a810f3f43235126058cb038b70115bdc2a
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /game/id
GET /game/ranking
GET /game/score
GET /games
GET /me
GET /rank
POST /auth/refresh-token
POST /auth/register
POST /auth/signin
```
  Found on 2026-01-09 04:13
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api-v2.searchsmartly.co
Port: 443
URL: https://api-v2.searchsmartly.co

First seen 2025-11-17 00:14
Last seen 2026-01-09 03:52
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff438b93e2adde6a7956dcb1494afcf2f21e311aabdd

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /area-comparison
GET /areas
GET /banners
GET /deals
GET /developments/{id}
GET /developments/{id}/properties
GET /lists
GET /lists/{id}
GET /portal-users/verify-user
GET /portal-users/{id}
GET /properties
GET /properties/{id}
GET /properties/{id}/pin-data
GET /referrals/fetch
GET /requests
GET /requests/{id}
GET /schools
GET /schools/{id}
GET /search-results/{id}/pins
POST /confirm-verification-email/{id}/{token}
POST /feeds/barratt/lead/{vr_id}
POST /isochrones/
POST /lists/add_editor
POST /lists/{id}/add_favourite
POST /lists/{id}/delete_favourite
POST /lists/{id}/remove_editor
POST /lists/{id}/share
POST /portal-users/change-password
POST /portal-users/login
POST /portal-users/logout
POST /portal-users/reset-password/
POST /portal-users/reset-password/confirm/{token}/{email}
POST /portal-users/signup
POST /portal-users/update-notes
POST /portal-users/{id}/update-score
POST /referrals/refer
POST /referrals/validate
POST /referrals/voucher
POST /requests/send-enquiry
POST /requests/{id}/cancel
POST /requests/{id}/resend-event
POST /resend-verification-email/{id}/{token}
POST /send-verification-email
POST /smartscore/
POST /travel-time/
POST /user-country

Found on 2026-01-09 03:52

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: carrefour-realizasyon.triomobil.com
Port: 443
URL: https://carrefour-realizasyon.triomobil.com

First seen 2025-10-16 00:58
Last seen 2026-01-09 03:15
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035491aafb93f77a72431bc4350373837716d5b2bbd8c
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /alarmEmailAddress
GET /excelExportSensorHistory
GET /excelExportSensorHistoryLastDepot
GET /excelExportTemperatureSensorHistory
GET /excelExportVehicles
GET /plansWithSensorAndLastDepot
GET /routePlanReport
GET /sensorHistory
GET /sensorHistoryLastDepot
GET /telematikVehicles
GET /temperatureSensorHistory
POST /ReSendPlansOrtec
POST /excelExportRealization
POST /excelExportSensorAlarms
POST /excelExportTemperatureSensorAlarms
POST /login
POST /reSendAllStepOrtec
POST /reSendStepOrtec
POST /wsdl
PUT /alarmEmailAddress/{id}
```
  Found on 2026-01-09 03:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: doc-a-ci.comalatech.app
Port: 80
URL: http://doc-a-ci.comalatech.app

First seen 2025-11-21 02:38
Last seen 2026-01-09 02:59
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 02:59
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: dev.o2e.sa
Port: 443
URL: https://dev.o2e.sa

First seen 2025-12-11 01:05
Last seen 2026-01-09 02:55
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecb3069b91a7defb6a429d57bd48c622f3e00cb877

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /api/account/{email}
DELETE /api/admin/users/{id}
DELETE /api/bookmarks/offer/{id}
DELETE /api/family-user/{email}
GET /api/account
GET /api/admin/admin-users
GET /api/admin/advertising
GET /api/admin/advertising/{id}
GET /api/admin/catering-requests
GET /api/admin/catering-requests/{id}
GET /api/admin/company/{companyId}/users
GET /api/admin/company/{companyId}/users/filter
GET /api/admin/dashboard
GET /api/admin/dashboard/redeemers
GET /api/admin/gifts
GET /api/admin/report
GET /api/admin/report/businesses
GET /api/admin/report/consumed-offer-per-business
GET /api/admin/report/most-visited-business
GET /api/admin/report/offers
GET /api/admin/report/pdf
GET /api/admin/report/redeemers
GET /api/admin/report/top-users
GET /api/admin/report/users
GET /api/admin/report/xlsx
GET /api/admin/users
GET /api/admin/users/list
GET /api/admin/users/{login}
GET /api/authenticate
GET /api/authorities
GET /api/bookmarks
GET /api/bookmarks/{id}
GET /api/business-categories
GET /api/business-categories-page
GET /api/business-categories/{id}
GET /api/businesses
GET /api/businesses/summary
GET /api/businesses/{id}
GET /api/businesses/{id}/visited
GET /api/companies
GET /api/companies/list
GET /api/companies/{id}
GET /api/company-admins
GET /api/company-admins/{id}
GET /api/company-types
GET /api/company-types/{id}
GET /api/config/whatsapp
GET /api/contact-us
GET /api/contact-us/{id}
GET /api/contacts
GET /api/contacts/{id}
GET /api/enabled/businesses
GET /api/generate-qr
GET /api/gifts
GET /api/gifts/count
GET /api/gifts/{id}
GET /api/join-us
GET /api/join-us/{id}
GET /api/locations
GET /api/locations/{id}
GET /api/mobile/advertising
GET /api/notifications
GET /api/notifications/{id}
GET /api/offer-logs/company/{companyId}
GET /api/offers
GET /api/offers/available-priority
GET /api/offers/exclusive
GET /api/offers/with-priority
GET /api/offers/{id}
GET /api/scan-qr
GET /api/storges/{uuid}
GET /api/users
GET /api/v2/offers
GET /v3/api-docs
GET /v3/api-docs.yaml
GET /v3/api-docs.yaml/{group}
GET /v3/api-docs/{group}
PATCH /api/admin/user/{id}
POST /api/account/change-password
POST /api/account/family/reset-password/finish
POST /api/account/resend-otp
POST /api/account/reset-password/check
POST /api/account/reset-password/finish
POST /api/account/reset-password/init
POST /api/activate
POST /api/businesses/bulk
POST /api/family-user
POST /api/migrate/files
POST /api/offer
POST /api/offer-logs
POST /api/offers/{id}/priority
POST /api/register
POST /api/support

Found on 2026-01-09 02:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: ccapi.constructioncure.com
Port: 80
URL: http://ccapi.constructioncure.com

First seen 2025-11-20 19:07
Last seen 2026-01-09 02:36
Open for 49 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d6079859ea4f

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/stats/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/stats/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/members/{id}/stats/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/stats/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/stats/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/unpaid-time/stats/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/stats/paid/
GET /me/stats/time/
GET /me/stats/unpaid/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2026-01-09 02:36

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607380e60c8

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-20 22:26

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607308adc73

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-01 06:03

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: order-api.selectmeat.ro
Port: 80
URL: http://order-api.selectmeat.ro

First seen 2025-11-16 00:14
Last seen 2026-01-09 01:56
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b7f0f93a13d18990547eb8bf9024cfa4d6d83b17f
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/order/bulk
GET /api/address/client/{id}
GET /api/address/client/{id}/cbd
GET /api/address/{id}
GET /api/client
GET /api/client/{id}
GET /api/order/{id}
GET /api/products
GET /api/user
GET /api/vendor
GET /api/vendor/{id}
POST /api/address
POST /api/order
POST /api/order/report
```
  Found on 2026-01-09 01:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: objednavky-test.gamextrading.sk
Port: 443
URL: https://objednavky-test.gamextrading.sk

First seen 2025-10-30 18:14
Last seen 2026-01-09 01:53
Open for 70 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 01:53
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: integration-playground.pivotapp.ai
Port: 443
URL: https://integration-playground.pivotapp.ai

First seen 2025-11-21 02:19
Last seen 2026-01-09 01:33
Open for 48 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b58f0cb59ef9c7d6fb26211b900a7ca4100a7ca41
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /integrations/{integrationName}/oauth
GET /integrations/{integrationName}/oauth/authorize
GET /open-integrations/configuration
POST /integrations/{integrationName}/webhook
```
  Found on 2026-01-09 01:33
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: bakgrunnssjekk-staging.semac.no
Port: 443
URL: https://bakgrunnssjekk-staging.semac.no

First seen 2025-11-25 00:45
Last seen 2026-01-09 01:15
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f5e22fb46b2be8806407db90cc128ed37e411d61a2ad2de0
```
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /v1/cases/{id}
GET /v1/departments
GET /v1/employers
GET /v1/institutions
GET /v1/invoice_recipients
GET /v1/invoice_references
GET /v1/levels
GET /v1/questionnaires
GET /v1/sources
POST /v1/cases
POST /v1/cases/{id}/documents
```
  Found on 2026-01-09 01:15
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: admin.unelmista.fi
Port: 443
URL: https://admin.unelmista.fi

First seen 2025-11-20 00:02
Last seen 2026-01-08 23:14
Open for 49 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60d4374e93ceed08dd8e0ca69c0bed85e3f6e94423

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/v1/pleas/{plea_id}
DELETE /api/v1/users/sign_out
GET /api/v1/activities
GET /api/v1/donations
GET /api/v1/donations/archived
GET /api/v1/donations/{donation_id}
GET /api/v1/donations/{donation_id}/transactions
GET /api/v1/hobbies
GET /api/v1/organizations
GET /api/v1/pleas
GET /api/v1/pleas/archived
GET /api/v1/pleas/{plea_id}/bills
GET /api/v1/regions
GET /api/v1/statistics
GET /api/v1/users/details
POST /api/v1/donations/{donation_id}/transactions/{transaction_id}/commit
POST /api/v1/users/forgot_password
POST /api/v1/users/recover_password
POST /api/v1/users/sign_in
POST /api/v1/users/sign_up
PUT /api/v1/donations/{donation_id}/add_card_token
PUT /api/v1/donations/{donation_id}/unarchive
PUT /api/v1/pleas/{plea_id}/bills/{bill_id}
PUT /api/v1/pleas/{plea_id}/unarchive
PUT /api/v1/users/update

Found on 2026-01-08 23:14

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.famihewa.eu
Port: 443
URL: https://api.famihewa.eu

First seen 2025-12-03 00:18
Last seen 2026-01-08 23:09
Open for 36 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b0e74d9facdd9de30222d17b9fd636b46f07509c8
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/under-constructions/{id}
GET /v1/ERROR/{code}/{title}
GET /v1/ingredients
GET /v1/ingredients/count
GET /v1/ingredients/{id}
GET /v1/recipes
GET /v1/recipes/count
GET /v1/recipes/{id}
GET /v1/under-constructions
GET /v1/under-constructions/count
GET /v1/under-constructions/latest
GET /v1/units
GET /v1/units/count
GET /v1/units/{id}
GET /v1/wines
GET /v1/wines/count
GET /v1/wines/{id}
PUT /v1/recipes/{id}/addIngredient
PUT /v1/recipes/{id}/addWine
PUT /v1/recipes/{id}/removeIngredient
PUT /v1/recipes/{id}/removeWine
PUT /v1/units/{id}/removeBaseUnit
PUT /v1/units/{id}/setBaseUnit
```
  Found on 2026-01-08 23:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: akgida.triomobil.com
Port: 443
URL: https://akgida.triomobil.com

First seen 2025-10-31 00:29
Last seen 2026-01-08 22:42
Open for 69 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035492122137f0ea656aec877d10e66ed016ebc6f4122
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /reports/temperature/measurements/history
GET /reports/temperature/measurements/latest
GET /reports/temperature/measurements/summary
GET /temperatureSensors
PATCH /temperatureSensors/tag
POST /auth
```
  Found on 2026-01-08 22:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.thestudiorev.com
Port: 80
URL: http://www.thestudiorev.com

First seen 2025-11-08 01:02
Last seen 2026-01-08 00:02
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-08 00:02
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 75.2.43.161
Domain: grenaide.pommegrenade.fr
Port: 80
URL: http://grenaide.pommegrenade.fr/_profiler/empty/search/results

First seen 2025-05-09 12:19
Last seen 2026-01-06 01:30
Open for 241 days
- Fingerprint: 407cf4363b0e62fafca67e07c1f877f9c1f877f9c1f877f9c1f877f9c1f877f9
```
Symfony profiler enabled:
http://grenaide.pommegrenade.fr/_profiler/empty/search/results
```
  Found on 2026-01-06 01:30
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: salas-test.spotlinker.com
Port: 443
URL: https://salas-test.spotlinker.com

First seen 2023-01-10 03:59
Last seen 2026-01-05 01:19
Open for 1090 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a4a9594b461eb72520e750c7c65e31ebd
```
Found 19 files trough .DS_Store spidering:

/t1
/t1/assets
/t1/assets/css
/t1/assets/img
/t1/assets/js
/t1/assets/plugins
/t1/logo-spotlinker-manager-negro.png
/t1/logo_SpotlinkerSALAS.PNG
/t1/logo_SpotlinkerSALAS.png
/t1/webarch
/t1/webarch/css
/t1/webarch/css/themes
/t1/webarch/css/webarch.css
/t1/webarch/css/webarch.rtl.css
/t1/webarch/fonts
/t1/webarch/img
/t1/webarch/js
/t1/webarch/less
/t1/webarch/scss
```
  Found on 2026-01-05 01:19
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7b9fd5b57b9fd5b57b9fd5b57b9fd5b5
```
Found 1 files trough .DS_Store spidering:

/t1
```
  Found on 2025-11-06 00:03
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814e20c39e604c205896580f6f2bd2dd5550
```
Found 6 files trough .DS_Store spidering:

/t1
/t1/assets
/t1/logo-spotlinker-manager-negro.png
/t1/logo_SpotlinkerSALAS.PNG
/t1/logo_SpotlinkerSALAS.png
/t1/webarch
```
  Found on 2024-09-11 03:16
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: candorsweden.cpms46.se
Port: 443
URL: https://candorsweden.cpms46.se

First seen 2025-11-23 10:18
Last seen 2026-01-05 00:49
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-05 00:49
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: aroselectronics.cpms46.se
Port: 443
URL: https://aroselectronics.cpms46.se

First seen 2025-11-11 06:53
Last seen 2026-01-04 05:34
Open for 53 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-04 05:34
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: swimkiddo.cz
Port: 443
URL: https://swimkiddo.cz

First seen 2025-11-18 20:34
Last seen 2026-01-03 21:04
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3504af1f44d310a1eefed1e11ea2cac38f46dca2214

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 3, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 28, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUserLanguage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 21:04

59.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027ce5e245f8575a8f9122be337d84978b1823dd8

GraphQL introspection enabled at /api
Types: 110 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-18 15:32

57.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dbdd11618948e1a3729ac8ee86968a411d6ecbdd

GraphQL introspection enabled at /api
Types: 108 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 25, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-14 10:45

55.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11af48710dc778673a45ee00904

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: courseProgress, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-08 14:46

45.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11a00563df6f79eff2675fded82

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-18 20:34

45.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.swimkiddo.cz
Port: 80
URL: http://www.swimkiddo.cz

First seen 2025-11-18 20:34
Last seen 2026-01-03 21:02
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3504af1f44d310a1eefed1e11ea2cac38f46dca2214

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 3, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 28, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUserLanguage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 21:02

59.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dd853796c2d4ee4689188eb1c12fe14a3bf00d96

GraphQL introspection enabled at /api
Types: 111 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 27, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-19 03:49

59.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027ce5e245f8575a8f9122be337d84978b1823dd8

GraphQL introspection enabled at /api
Types: 110 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-17 03:55

57.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dbdd11618948e1a3729ac8ee86968a411d6ecbdd

GraphQL introspection enabled at /api
Types: 108 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 25, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-14 12:47

55.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11af48710dc778673a45ee00904

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: courseProgress, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 10:48

45.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11a00563df6f79eff2675fded82

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-18 20:34

45.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.republik.ch
Port: 443
URL: https://api.republik.ch

First seen 2025-11-07 00:16
Last seen 2026-01-03 01:05
Open for 57 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3be2694cc2fe728902c80cf0d965636e8434d7b3e

GraphQL introspection enabled at /graphql
Types: 362 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 235, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 01:05

513.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b3e1af7e1bf413aee418b52be630514a9ec70c80

GraphQL introspection enabled at /graphql
Types: 361 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 234, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 14:57

512.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: fussballinfos.ch
Port: 80
URL: http://fussballinfos.ch

First seen 2025-11-08 00:02
Last seen 2026-01-03 01:02
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-03 01:02
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.bookist.org
Port: 443
URL: https://www.bookist.org

First seen 2025-12-09 01:02
Last seen 2026-01-03 00:52
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3db2a2f39193c095bc804d573a865ed690b25213d

GraphQL introspection enabled at /graphql
Types: 103 (by kind: ENUM: 11, INPUT_OBJECT: 2, OBJECT: 80, SCALAR: 10)
Operations:
- Query: Query | fields: getSeries, mostReadAuthors, peopleSuggestions, userReadingStats, userReadingStatsNew
- Mutation: Mutation | fields: makeChoice, signinRequestOtp, signupRequestOtp, updateUser, validateOtp
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-03 00:52

146.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e20acc0afc1b73ba2f42b18d5a4240af263cd7c3

GraphQL introspection enabled at /graphql
Types: 100 (by kind: ENUM: 11, INPUT_OBJECT: 2, OBJECT: 77, SCALAR: 10)
Operations:
- Query: Query | fields: getAuthor, getSeries, mostReadAuthors, peopleSuggestions, userReadingStats
- Mutation: Mutation | fields: makeChoice, signinRequestOtp, signupRequestOtp, updateUser, validateOtp
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-23 00:19

140.9 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 15.197.129.158
Domain: www.brannkorpset.com
Port: 80
URL: http://www.brannkorpset.com

First seen 2025-02-15 20:59
Last seen 2026-01-03 00:38
Open for 321 days

Severity: medium
Fingerprint: 5f32cf5d6962f09cd4047824d4047824b5b9e0ea89d882d836c8407353fe4390

Found 35 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon.png
/icon.svg
/images
/images/album_generic.jpeg
/images/background_color.jpg
/images/background_wide.jpg
/images/bg-bubplastic-button.gif
/images/bg-bubplastic-h-blue.gif
/images/bg-bubplastic-h-gray.gif
/images/bg-bubplastic-h-lime.gif
/images/bg-bubplastic-h-red.gif
/images/bg-bubplastic.gif
/images/bjorn_sebak.jpg
/images/gunnar_thorstensen.jpg
/images/header_image.jpg
/images/header_image.psd
/images/header_image3.png
/images/header_image_transp.png
/images/icons
/images/jan_ytrearne.jpg
/images/kenneth.jpg
/images/photo_placeholder.jpg
/images/placeholder.jpg
/images/plakat_konsert_2011.png
/images/progressbar.gif
/images/rails.png
/images/svein_teigland.jpg
/images/tor_bjorkaas.jpg
/images/torkjell_helle.jpg
/robots.txt

Found on 2026-01-03 00:38

Severity: low
Fingerprint: 5f32cf5d6962f09c3af247253af24725306252999186d6d1f2d2d52c81dce637

Found 9 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon.png
/icon.svg
/images
/robots.txt

Found on 2025-06-16 01:26

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2025-02-18 02:01

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.comgy-testing.club
Port: 443
URL: https://api.comgy-testing.club

First seen 2025-11-18 01:28
Last seen 2026-01-03 00:22
Open for 45 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 00:22

123.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.intergasxpert.nl
Port: 443
URL: https://staging.api.intergasxpert.nl

First seen 2025-11-15 00:00
Last seen 2026-01-03 00:05
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa390791a358f929cb7685db2d13acaeabce5cb7398

GraphQL introspection enabled at /graphql
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2026-01-03 00:05

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e41399e61e08b8968a0c3716da7567af6bda3693

GraphQL introspection enabled at /graphql
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-01 09:37

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3500cd15bf189b6d97367b45775da774028f2f4a9b4

GraphQL introspection enabled at /api
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-11-15 00:00

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-15 00:00

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: skalstugansstiftelse.cpms46.se
Port: 443
URL: https://skalstugansstiftelse.cpms46.se

First seen 2025-11-11 06:52
Last seen 2026-01-02 23:57
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 23:57
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: test.api.intergasxpert.nl
Port: 443
URL: https://test.api.intergasxpert.nl

First seen 2025-12-02 00:52
Last seen 2026-01-02 23:38
Open for 31 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa390791a358f929cb7685db2d13acaeabce5cb7398

GraphQL introspection enabled at /graphql
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2026-01-02 23:38

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350b2f9387ac031512a87f20fe29145a9433ed33d47

GraphQL introspection enabled at /api
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-05 00:00

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-05 00:00

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e41399e61e08b8968a0c3716da7567af6bda3693

GraphQL introspection enabled at /graphql
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-02 00:52

262.9 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: winkt.io
Port: 443
URL: https://winkt.io

First seen 2025-11-01 06:48
Last seen 2026-01-02 23:37
Open for 62 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa326b8a14410a6a308976f6f8875dd15058bb68971

GraphQL introspection enabled at /graphql
Types: 64 (by kind: ENUM: 4, INPUT_OBJECT: 19, OBJECT: 36, SCALAR: 5)
Operations:
- Query: Query | fields: getFeaturedAnimations, tattoo, tattooAnimations, tattoos, tattoosFeaturedOnArtist
- Mutation: Mutation | fields: addArtist, addTattoo, addTattooAnimation, addTattoos, sendRequestAnimationMail
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 23:37

92.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: staging.api.admin.kdgh.de
Port: 80
URL: http://staging.api.admin.kdgh.de

First seen 2025-11-15 01:30
Last seen 2026-01-02 23:08
Open for 48 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6c8b45670200f5874f98b1b9d40dee56b53c4ccab
```
GraphQL introspection enabled at /api/graphql
Types: 157 (by kind: ENUM: 15, INPUT_OBJECT: 67, INTERFACE: 9, OBJECT: 57, SCALAR: 9)
Operations:
- Query: Query | fields: auditEvents, dataProcessingActivities, node, personSearch, persons
- Mutation: Mutation | fields: createCourse, createPerson, deletePerson, updateCourse, updatePerson
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 23:08
  
  159.3 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: s.messe.no
Port: 443
URL: https://s.messe.no

First seen 2025-11-28 00:38
Last seen 2026-01-02 22:51
Open for 35 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-02 22:51

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-30 12:00

512.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.hubbo.io
Port: 443
URL: https://api.hubbo.io

First seen 2025-11-14 02:12
Last seen 2026-01-02 22:40
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e4a875b1d0c530b3d560e81017d2632ef0101968

GraphQL introspection enabled at /graphql
Types: 70 (by kind: ENUM: 7, INPUT_OBJECT: 9, OBJECT: 47, SCALAR: 7)
Operations:
- Query: Query | fields: client_getCurrentAccount, getAllAccounts, getCurrentAccount, getCurrentAccountPermissions, signin
- Mutation: Mutation | fields: createAccount, removeAccount, resetPassword, signup, updateAccount
- Subscription: Subscription | fields: accountCreated, accountDeleted, accountUpdated, client_accountCreated, client_accountUpdated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 22:40

93.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-11 13:28

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: parkering.fabege.se
Port: 443
URL: https://parkering.fabege.se

First seen 2025-11-24 04:26
Last seen 2026-01-02 22:35
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 22:35
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.fillit.com
Port: 443
URL: https://www.fillit.com

First seen 2025-11-10 01:03
Last seen 2026-01-02 22:28
Open for 53 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa314dad5538f763d11fd3f9f076610301a2249f3e6

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 2, INPUT_OBJECT: 2, OBJECT: 34, SCALAR: 6)
Operations:
- Query: Query | fields: amenities, amenitiesByOrganisation, cartBookings, getUser, listing
- Mutation: Mutation | fields: createBooking, deleteBooking
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 22:28

71.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa314dad5538f763d11a67dd9160e730fc975580cf5

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 2, INPUT_OBJECT: 2, OBJECT: 34, SCALAR: 6)
Operations:
- Query: Query | fields: amenities, cartBookings, getUser, listing, listingGroup
- Mutation: Mutation | fields: createBooking, deleteBooking
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 21:32

67.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.community.24baby.nl
Port: 443
URL: https://api.community.24baby.nl

First seen 2025-11-19 00:32
Last seen 2026-01-02 22:23
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b4ca487c72215bc0d7f9c3620abc3244ad72ee83

GraphQL introspection enabled at /graphql
Types: 636 (by kind: ENUM: 127, INPUT_OBJECT: 190, INTERFACE: 15, OBJECT: 294, SCALAR: 8, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 22:23

647.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa344c9c6bd4c7ac65fda7f843d275b7d89ca4c5ac8

GraphQL introspection enabled at /graphql
Types: 630 (by kind: ENUM: 127, INPUT_OBJECT: 189, INTERFACE: 15, OBJECT: 290, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-14 09:56

646.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-23 17:33

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3f94152ef9f6e9ebd6fa7964705770b936dc151d2

GraphQL introspection enabled at /graphql
Types: 624 (by kind: ENUM: 125, INPUT_OBJECT: 187, INTERFACE: 15, OBJECT: 288, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-21 15:54

643.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: users-api.ayamedica.com
Port: 443
URL: https://users-api.ayamedica.com

First seen 2025-10-19 22:24
Last seen 2026-01-02 22:17
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39e84629942b1dffbe098365369f7593f315cdf3f

GraphQL introspection enabled at /graphql
Types: 63 (by kind: ENUM: 7, INPUT_OBJECT: 12, OBJECT: 34, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfUserExistsByEmail, checkIfUserExistsByPhoneNumber, checkIfUserExistsByPhoneNumberForWeb, me, readMyAppSettings
- Mutation: Mutation | fields: changeMyPassword, completeMyInformation, createADefaultPassword, createAndAddStudentToSchool, createAndAddSubuserToMyAccount
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 22:17

88.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39e84629942b1dffbe098365369f7593f325ce080

GraphQL introspection enabled at /graphql
Types: 63 (by kind: ENUM: 7, INPUT_OBJECT: 12, OBJECT: 34, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfUserExistsByEmail, checkIfUserExistsByPhoneNumber, checkIfUserExistsByPhoneNumberForWeb, me, readMyAppSettings
- Mutation: Mutation | fields: changeMyPassword, completeMyInformation, createADefaultPassword, createAndAddStudentToSchool, createAndAddSubuserToMyAccount
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-10-19 22:24

88.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: lookups-api.ayamedica.com
Port: 443
URL: https://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 22:17
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec201bc1efe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 22:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c1e9a46e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-27 02:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd44cbf4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 22:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2966e62f2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-23 06:51

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6d9452e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e52e80d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f5a6f2b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2261ccdb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cb9881cc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 23:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27a89d40a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 22:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27aff364a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 20:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203534222

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 07:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cff4a630

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-11 09:12

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2df774d28

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-01 05:22

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec217c05168

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-29 11:50

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d00263de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-27 06:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec242d9453c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-23 05:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eef0cb1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-20 23:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28af18d52

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 13:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236f12386

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d2e3927c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-12 14:55

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f44cb372

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 14:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b2760eaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 18:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-04 14:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20168d916

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 03:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ac87ea22

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea87a91a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec255f2cf1e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec224611340

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec293cbf212

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-01 21:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f6a3a19e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e6325c82

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23ae5b778

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21c58dbc2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b418d948

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 13:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fde024f0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-24 09:59

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec273afbc8e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec278719574

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20fcf623c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging-ims-proxy-be.kivunova.com
Port: 80
URL: http://staging-ims-proxy-be.kivunova.com

First seen 2025-11-11 02:46
Last seen 2026-01-02 22:05
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa388c0849874618a7c3303b3e942a0936922a85d7f

GraphQL introspection enabled at /graphql
Types: 144 (by kind: ENUM: 9, INPUT_OBJECT: 62, OBJECT: 70, SCALAR: 3)
Operations:
- Query: Query | fields: getStoreDetails, listCompanyUsers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2026-01-02 22:05

112.9 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c13b21bdb2dd8f5f0fdcb528c7fb8328d23e1f78

GraphQL introspection enabled at /graphql
Types: 136 (by kind: ENUM: 9, INPUT_OBJECT: 58, OBJECT: 66, SCALAR: 3)
Operations:
- Query: Query | fields: getStoreDetails, listCompanyUsers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-24 21:42

106.9 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c13b21bdb2dd8f5fe0268b02b9d9cbe6cb919506

GraphQL introspection enabled at /graphql
Types: 136 (by kind: ENUM: 9, INPUT_OBJECT: 58, OBJECT: 66, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-18 23:18

105.2 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34788eefed772fe2e231e8b81e3e58811b50691d7

GraphQL introspection enabled at /graphql
Types: 126 (by kind: ENUM: 9, INPUT_OBJECT: 53, OBJECT: 61, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-16 19:41

100.1 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39b50c385d932d6474a774d0a0a947e3ea252c15b

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 9, INPUT_OBJECT: 53, OBJECT: 59, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-12-02 06:13

98.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3564a0a130a7e5b519628d04c709e2e0c270c3365

GraphQL introspection enabled at /graphql
Types: 120 (by kind: ENUM: 8, INPUT_OBJECT: 51, OBJECT: 58, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-12-01 04:29

95.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31f27e6e9bbee71cbdc682c5520a1bc3526a908f6

GraphQL introspection enabled at /graphql
Types: 90 (by kind: ENUM: 6, INPUT_OBJECT: 43, OBJECT: 35, SCALAR: 3, UNION: 3)
Operations:
- Query: Query | fields: getCustomer, listCompanyUsers, listCustomers, listStoreUsers, validateToken
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-11-23 00:01

74.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.humanshine.com
Port: 80
URL: http://api.humanshine.com

First seen 2025-11-23 02:01
Last seen 2026-01-02 21:59
Open for 40 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387fdf86dc970ed4f371bb50274d3b0e2d39638ba

GraphQL introspection enabled at /graphql
Types: 204 (by kind: ENUM: 26, INPUT_OBJECT: 4, INTERFACE: 8, OBJECT: 158, SCALAR: 8)
Operations:
- Query: Query | fields: annualLeaveSummaries, companies, defaultNotificationSettings, departments, documents
- Mutation: Mutation | fields: acceptInvite, approveLeaveRequest, bulkImport, calculateDaysOff, createCompany
- Subscription: Subscription | fields: birthdayComingIn, documentShared, finishingIn, leaveRequestApproved, leaveRequestCreated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 21:59

221.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: participa.sostrecivic.coop
Port: 443
URL: https://participa.sostrecivic.coop

First seen 2025-11-21 00:18
Last seen 2026-01-02 21:59
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519b71dd6c8

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : version=0.20.0 applicationName=My Application Name rubyVersion=2.6.1
organization (args: none) : name=Sostre Cívic

Found on 2026-01-02 21:59

88.9 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519cdef0af6

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : applicationName=My Application Name rubyVersion=2.6.1 version=0.20.0
organization (args: none) : name=Sostre Cívic

Found on 2025-12-27 01:14

88.9 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519d1bf4428

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : rubyVersion=2.6.1 version=0.20.0 applicationName=My Application Name
organization (args: none) : name=Sostre Cívic

Found on 2025-12-25 04:28

88.9 kBytes 4 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: cms.bertjonk-autoverhuur.nl
Port: 443
URL: https://cms.bertjonk-autoverhuur.nl

First seen 2025-11-26 01:02
Last seen 2026-01-02 21:50
Open for 37 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36e93f2fdd09b221fe4080ae18f4f31f129251f45
```
GraphQL introspection enabled at /graphql
Types: 198 (by kind: ENUM: 8, INPUT_OBJECT: 69, OBJECT: 112, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: uploadFile, uploadFiles, uploadFolder, uploadFolders, usersPermissionsRole
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 21:50
  
  264.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: mijnipp.roosvanleary.com
Port: 443
URL: https://mijnipp.roosvanleary.com

First seen 2025-10-29 13:13
Last seen 2026-01-02 21:47
Open for 65 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6c6d5efe89a32474cc1f2c6f5bf8a4d58bea4dcca
```
GraphQL introspection enabled at /api/graphql
Types: 66 (by kind: ENUM: 6, INPUT_OBJECT: 11, OBJECT: 42, SCALAR: 7)
Operations:
- Query: RootQueryType | fields: accountancy, basePrice, companies, freeTests, knowledgeBase
- Mutation: RootMutationType | fields: activateUser, archiveProject, completeFreeTest, completeQuestionnaire, createCompany
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 21:47
  
  90.6 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.fourier-academy.com
Port: 443
URL: https://api.fourier-academy.com

First seen 2025-10-21 09:56
Last seen 2026-01-02 21:37
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3191ed954ea882498c065caf67cbf2e587c50dfca
```
GraphQL introspection enabled at /graphql
Types: 151 (by kind: ENUM: 6, INPUT_OBJECT: 45, OBJECT: 90, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 21:37
  
  191.8 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.fourier-academy.com
Port: 80
URL: http://api.fourier-academy.com

First seen 2025-10-21 09:56
Last seen 2026-01-02 21:37
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3191ed954ea882498c065caf67cbf2e587c50dfca
```
GraphQL introspection enabled at /graphql
Types: 151 (by kind: ENUM: 6, INPUT_OBJECT: 45, OBJECT: 90, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 21:37
  
  191.8 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: admin.ghanizadev.com
Port: 443
URL: https://admin.ghanizadev.com

First seen 2025-10-21 10:26
Last seen 2026-01-02 21:25
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2026-01-02 21:25
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6803b527ca10d09c0d9321a105426c7ab20d937d7
```
GraphQL introspection enabled at /api/graphql
Types: 1809 (by kind: ENUM: 42, INPUT_OBJECT: 330, OBJECT: 1428, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-11-29 14:51
  
  1.2 MBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.raceflow.io
Port: 443
URL: https://www.raceflow.io

First seen 2024-12-27 00:11
Last seen 2026-01-02 19:47
Open for 371 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 19:47
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: pickaband.com
Port: 443
URL: https://pickaband.com

First seen 2024-12-17 10:31
Last seen 2026-01-02 19:39
Open for 381 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c575112a7575112a7e0aa0ed88206ba54163fe0635706d688

Found 102 files trough .DS_Store spidering:

/audio
/system
/uploads
/uploads/tmp
/uploads/tmp/1544094159-1924-0001-7560
/uploads/tmp/1544095130-2081-0001-1657
/uploads/tmp/1544095211-2081-0002-5743
/uploads/tmp/1544095699-2513-0001-6121
/uploads/tmp/1544095876-2595-0001-5167
/uploads/tmp/1544095899-2595-0002-7767
/uploads/tmp/1544098003-2595-0003-3003
/uploads/tmp/1544098154-2924-0001-1886
/uploads/tmp/1544098208-2924-0002-3694
/uploads/tmp/1550243553-4424-0001-2379
/uploads/tmp/1559652344-5815-0001-2673
/uploads/tmp/1559653441-5815-0002-2030
/uploads/tmp/1559653442-5815-0003-6577
/uploads/tmp/1559653466-5815-0004-3285
/uploads/tmp/1559653568-5815-0005-8162
/uploads/tmp/1559653611-5815-0006-6806
/uploads/tmp/1559653648-5815-0007-1697
/uploads/tmp/1568037011-3840-0019-7015
/uploads/tmp/1568041202-6481-0001-3726
/uploads/tmp/1568816168-4656-0001-8480
/uploads/tmp/1568816203-4656-0002-7401
/uploads/tmp/1568991762-6896-0003-6748
/uploads/tmp/1569245641-7210-0001-2661
/uploads/tmp/1570480229-6008-0001-0573
/uploads/tmp/1570480268-6008-0002-2284
/uploads/tmp/1570480342-6008-0003-4516
/uploads/tmp/1570480737-6008-0005-6454
/uploads/tmp/1570481114-6279-0001-0328
/uploads/tmp/1570714852-48464-0003-3138
/uploads/tmp/1570802023-4639-0001-2104
/uploads/tmp/1570802063-4639-0002-3763
/uploads/tmp/1570802079-4639-0003-7794
/uploads/tmp/1570802169-4639-0004-8330
/uploads/tmp/1570802330-4639-0006-8044
/uploads/tmp/1570802626-4639-0010-6137
/uploads/tmp/1570802776-4639-0011-5421
/uploads/tmp/1570805817-4639-0013-6022
/uploads/tmp/1570807868-4639-0019-1714
/uploads/tmp/1571056747-4726-0002-5755
/uploads/tmp/1572341961-1198-0001-4703
/uploads/tmp/1572346364-1198-0004-3301
/uploads/tmp/1572346797-28853-0001-9522
/uploads/tmp/1572346997-28853-0002-9585
/uploads/tmp/1572347045-28853-0003-2116
/uploads/tmp/1572347162-28853-0004-0399
/uploads/tmp/1572451125-37829-0001-5287
/uploads/tmp/1572451237-37829-0002-9395
/uploads/tmp/1572451246-37829-0003-2204
/uploads/tmp/1572451307-37829-0004-9998
/uploads/tmp/1579182373-4609-0003-3076
/uploads/tmp/1579182686-4609-0004-1609
/uploads/tmp/1579531794-1696-0001-1978
/uploads/tmp/1579531830-1696-0002-6703
/uploads/tmp/1579531880-1696-0003-6321
/uploads/tmp/1580904491-4546-0001-7617
/uploads/tmp/1580904516-4546-0002-6551
/uploads/tmp/1580905915-4546-0004-0692
/uploads/tmp/1580906269-4546-0005-8079
/uploads/tmp/1580906291-4546-0006-8039
/uploads/tmp/1580909449-4546-0007-0974
/uploads/tmp/1580909526-4546-0008-9499
/uploads/tmp/1580913633-4546-0010-6962
/uploads/tmp/1580913677-4546-0011-6222
/uploads/tmp/1580913698-4546-0012-7822
/uploads/tmp/1580913903-4546-0013-7837
/uploads/tmp/1580915687-4546-0014-1127
/uploads/tmp/1580917856-16576-0003-8184
/uploads/tmp/1580917875-16576-0004-0174
/uploads/tmp/1580917896-16576-0005-8950
/uploads/tmp/1580918111-16576-0006-6036
/uploads/tmp/1580918120-16576-0007-2309
/uploads/tmp/1580918724-16576-0010-2426
/uploads/tmp/1580984002-1794-0006-3620
/uploads/tmp/1583498690-66750-0001-8281
/uploads/tmp/1583498890-66750-0002-9703
/uploads/tmp/1583499334-66750-0003-0904
/uploads/tmp/1583499358-66749-0001-2926
/uploads/tmp/1583499607-66749-0002-9300
/uploads/tmp/1583499662-66749-0003-1153
/uploads/tmp/1583499910-66750-0004-2505
/uploads/tmp/1583500017-66749-0004-9129
/uploads/tmp/1583500058-66749-0005-3226
/uploads/tmp/1583501562-67642-0001-9464
/uploads/tmp/1583502227-67642-0002-0719
/uploads/tmp/1583502306-67643-0002-8722
/uploads/tmp/1583502336-67643-0003-7714
/uploads/tmp/1583502380-67642-0003-0961
/uploads/tmp/1601455728-1590-0002-3825
/uploads/tmp/1699456637-16203-0001-7280
/uploads/tmp/1699457674-19245-0001-1407
/uploads/tmp/1699612836-5352-0001-3817
/uploads/tmp/1699617067-7867-0001-6891
/uploads/tmp/1700056225-9452-0001-5145
/uploads/tmp/1700056305-9451-0001-5755
/uploads/tmp/1700056324-9451-0002-8754
/uploads/tmp/1700056564-10332-0001-7796
/uploads/tmp/1721220728-530766577892206-0001-1305
/uploads/tmp/1721222033-574015857537163-0002-1057

Found on 2026-01-02 19:39

Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f09968c30735b432cd3bab40bd3bab40b
```
Found 3 files trough .DS_Store spidering:

/audio
/system
/uploads
```
Found on 2025-10-04 00:04

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: fredsfors.park46.se
Port: 443
URL: https://fredsfors.park46.se

First seen 2025-12-02 00:42
Last seen 2026-01-02 19:35
Open for 31 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 19:35
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.restorativ.co
Port: 80
URL: http://api.restorativ.co

First seen 2025-12-04 00:04
Last seen 2026-01-02 19:34
Open for 29 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa391e25eac7ab5b8b0437e662526a24d7a11af447a

GraphQL introspection enabled at /graphql
Types: 337 (by kind: ENUM: 2, INPUT_OBJECT: 10, INTERFACE: 1, OBJECT: 318, SCALAR: 6)
Operations:
- Query: Query | fields: administrativeRegions, allOrganizationBookings, allTrainingVenues, assessment, bookingActivityOverview
- Mutation: Mutation | fields: acceptContract, acceptGroundRules, acknowledgeChatGptUse, addAdminToOrganization, addAdministrativeRegion
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 19:34

567.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-23 01:18

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39adb844aa185cf7abc76770b35984b248cadc8dc

GraphQL introspection enabled at /graphql
Types: 321 (by kind: ENUM: 2, INPUT_OBJECT: 10, INTERFACE: 1, OBJECT: 302, SCALAR: 6)
Operations:
- Query: Query | fields: administrativeRegions, allOrganizationBookings, allTrainingVenues, assessment, bookingActivityOverview
- Mutation: Mutation | fields: acceptContract, acceptGroundRules, acknowledgeChatGptUse, addAdminToOrganization, addAdministrativeRegion
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-16 22:13

544.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: cms.catalog.lear.com
Port: 80
URL: http://cms.catalog.lear.com

First seen 2025-10-24 00:33
Last seen 2026-01-02 19:18
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3504c44323ea81bc2b05a8cbf158e5de32319904f

GraphQL introspection enabled at /graphql
Types: 468 (by kind: ENUM: 14, INPUT_OBJECT: 137, OBJECT: 302, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 19:18

623.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.sleeve.fm
Port: 443
URL: https://api.sleeve.fm

First seen 2025-11-15 01:50
Last seen 2026-01-02 19:14
Open for 48 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37ea6780cc7e1c3505dfb231711fee113ca283b3b

GraphQL introspection enabled at /graphql
Types: 331 (by kind: ENUM: 33, INPUT_OBJECT: 94, OBJECT: 187, SCALAR: 8, UNION: 9)
Operations:
- Query: Query | fields: accounts, albumByArtistIdSlug, albumById, albumBySlug, albums
- Mutation: Mutation | fields: acceptInvite, acceptTierInvite, addCampaignInvite, addPaymentMethod, addTierInvite
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 19:14

399.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3556969d97fd783bb687e25ccb3c2bfa67979b602

GraphQL introspection enabled at /graphql
Types: 328 (by kind: ENUM: 33, INPUT_OBJECT: 93, OBJECT: 186, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accounts, albumByArtistIdSlug, albumBySlug, albums, allAlbums
- Mutation: Mutation | fields: acceptInvite, acceptTierInvite, addCampaignInvite, addPaymentMethod, addTierInvite
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-10 22:21

395.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37a5b24071e1dc1b57fe80052f4276eec12a68efc

GraphQL introspection enabled at /graphql
Types: 324 (by kind: ENUM: 33, INPUT_OBJECT: 92, OBJECT: 183, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accounts, albumByArtistIdSlug, albumBySlug, albums, allAlbums
- Mutation: Mutation | fields: acceptInvite, acceptTierInvite, addCampaignInvite, addPaymentMethod, addTierInvite
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-30 22:54

390.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: content.muenchner-freiheit.de
Port: 80
URL: http://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 19:11
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1959fcb93

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2026-01-02 19:11

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-27 05:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1995723af

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-21 01:48

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1e6f8fde7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-19 05:02

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-17 02:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f17be25b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 17:19

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b168e2efa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-10 22:05

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-30 16:53

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1034d14cd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-28 13:16

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b115e1536f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-22 14:31

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1321bac77

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-20 16:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f13c198f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-16 07:17

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17a879755

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12dc3d2de

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1de647432

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-06 11:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1bccfc226

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180916aa4

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b16c7d2ace

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17073818a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: sws-mgm.comgy-testing.club
Port: 443
URL: https://sws-mgm.comgy-testing.club

First seen 2025-11-14 01:43
Last seen 2026-01-02 19:09
Open for 49 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b
```
GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 19:09
  
  123.0 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-20 10:51
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: admin.ghanizadev.com
Port: 80
URL: http://admin.ghanizadev.com

First seen 2025-10-21 10:26
Last seen 2026-01-02 19:05
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2026-01-02 19:05
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6803b527ca10d09c0d9321a105426c7ab20d937d7
```
GraphQL introspection enabled at /api/graphql
Types: 1809 (by kind: ENUM: 42, INPUT_OBJECT: 330, OBJECT: 1428, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-11-29 14:51
  
  1.2 MBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.ivandry.com
Port: 443
URL: https://api.ivandry.com

First seen 2025-11-21 00:39
Last seen 2026-01-02 19:02
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff2ef67742edf565351e8c18f8235edf3f1da21f

GraphQL introspection enabled at /graphql
Types: 24 (by kind: ENUM: 3, INPUT_OBJECT: 1, OBJECT: 14, SCALAR: 6)
Operations:
- Query: Query | fields: chatGetMessages, chatGetThreads, getEventRecords, ivaseekGetPlaces
- Subscription: Subscription | fields: chatCreatedMessage, chatUpdatedMessage, createdRecord, deletedRecord, votedRecord
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)

Found on 2026-01-02 19:02

32.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev-backend.mechis.cz
Port: 443
URL: https://dev-backend.mechis.cz

First seen 2025-10-25 07:56
Last seen 2026-01-02 18:59
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31c95f0f9295a649b322fd57929a6944b5f67c07e

GraphQL introspection enabled at /graphql
Types: 164 (by kind: ENUM: 5, INPUT_OBJECT: 73, OBJECT: 78, SCALAR: 8)
Operations:
- Query: Query | fields: attachment, attachmentByStorageName, attachments, attachmentsByDeviceAndFiltersAndTags, attachmentsByMimeTypes
- Mutation: Mutation | fields: createAttachment, createDevice, deleteAttachment, updateAttachment, updateDevice
Directives: deprecated, include, skip, specifiedBy, validateOdometerToDate (total: 5)

Found on 2026-01-02 18:59

232.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa317434fa1b24bb963f0fb48b10d1699f317821756

GraphQL introspection enabled at /graphql
Types: 163 (by kind: ENUM: 5, INPUT_OBJECT: 73, OBJECT: 77, SCALAR: 8)
Operations:
- Query: Query | fields: attachment, attachmentByStorageName, attachments, attachmentsByDeviceAndFiltersAndTags, attachmentsByMimeTypes
- Mutation: Mutation | fields: createAttachment, createDevice, deleteAttachment, updateAttachment, updateDevice
Directives: deprecated, include, skip, specifiedBy, validateOdometerToDate (total: 5)

Found on 2025-12-27 05:26

229.3 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: priedemann.cpms46.se
Port: 443
URL: https://priedemann.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 18:58
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:58
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: app.jerico.ai
Port: 443
URL: https://app.jerico.ai

First seen 2025-11-07 16:02
Last seen 2026-01-02 18:52
Open for 56 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d1aa48da11aa48da11aa48da11aa48da1
```
Found 1 files trough .DS_Store spidering:

/favicon.ico
```
  Found on 2026-01-02 18:52
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: newmandate.o3cards.com
Port: 443
URL: https://newmandate.o3cards.com

First seen 2025-11-25 00:54
Last seen 2026-01-02 18:50
Open for 38 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d61428fa16245259c6de5c78ad766d5a6382c8c673
```
GraphQL introspection enabled at /api/graphql
Types: 86 (by kind: ENUM: 2, INPUT_OBJECT: 4, OBJECT: 75, SCALAR: 5)
Operations:
- Query: Query | fields: findOrg, getConfig, getOperationDate, getOrgs, getTransac
- Mutation: Mutation | fields: createAccount, createIcadAccountCif, createOrg, createTransac, updateOrg
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 18:50
  
  158.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-11-25 00:54
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: solporten.park46.se
Port: 443
URL: https://solporten.park46.se

First seen 2025-10-27 00:50
Last seen 2026-01-02 18:32
Open for 67 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:32
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: beta.polizeiticker.at
Port: 443
URL: https://beta.polizeiticker.at

First seen 2025-11-21 02:19
Last seen 2026-01-02 18:27
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:27
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: go.duocards.com
Port: 80
URL: http://go.duocards.com

First seen 2025-11-22 01:15
Last seen 2026-01-02 18:14
Open for 41 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 18:14

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-14 03:56

167.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-26 14:12

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: th-apac.smile-view.com
Port: 80
URL: http://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 18:05
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f012485b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 18:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751da7809af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 23:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 18:36

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 20:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c4ea55cf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 23:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b8f77893

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 22:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775107cb2291

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-16 20:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751407da9d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 07:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519b570aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 09:18

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513c6cf323

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512e06ad15

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515c640d17

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-28 13:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115320aff

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 15:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775126b21ecb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f08f27d7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27647fea7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23818e5b3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: 126000-0617-4242-0001.production.h.bitsof.love
Port: 443
URL: https://126000-0617-4242-0001.production.h.bitsof.love

First seen 2025-10-20 01:06
Last seen 2026-01-02 17:53
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fd691b9a9a0e940a1eba54cc3ae5cfe16783ba01

GraphQL introspection enabled at /graphql
Types: 131 (by kind: ENUM: 11, INPUT_OBJECT: 4, INTERFACE: 4, OBJECT: 101, SCALAR: 9, UNION: 2)
Operations:
- Query: Query | fields: businessMatchdayPage, businessMatchdayPageArrangement, clubbruggeTeam, primaryClubbruggeTeam, primaryContentPage
Directives: cacheControl, deprecated, fallback, fromField, include, mongooseForeignReference, optimizedImage, responsiveImage, serviceIdToInt, skip (total: 11)

Readable stores: 0

Found on 2026-01-02 17:53

143.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.carte-des-pharmacies.com
Port: 443
URL: https://www.carte-des-pharmacies.com

First seen 2025-11-22 02:34
Last seen 2026-01-02 17:52
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36b59a51ebcb9400e22c2226c6543609eb7aa17ee
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, OBJECT: 12, SCALAR: 5)
Operations:
- Query: Query | fields: pharmacies, pharmaciesAround, pharmacy
- Mutation: Mutation | fields: testField
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 17:52
  
  24.7 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: boost.tequila.ink
Port: 80
URL: http://boost.tequila.ink

First seen 2025-12-10 00:07
Last seen 2026-01-02 17:51
Open for 23 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 17:51
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: au-apac.smile-view.com
Port: 80
URL: http://au-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 17:48
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775144ed6943

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 17:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751860630e3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 20:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519c5d7b7f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 21:45

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b95149f7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 03:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775145338651

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 03:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 23:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 19:47

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775162985919

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-13 11:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513d810e9f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775175589607

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a356f487

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775105e6dc39

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 20:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c18765b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 15:11

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751760dab47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 18:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775165621323

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:51

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751db9c2a3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-21 10:24

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2da7af5e7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : skip=0 total=0 limit=100
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : total=34 limit=100 skip=0
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-18 06:21

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2e54fd451

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-16 21:33

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e253367f3b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e251b4a6b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : skip=0 total=0 limit=100
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25885a5d3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : total=3 limit=100 skip=0
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: bi.newsoftds.pt
Port: 443
URL: https://bi.newsoftds.pt

First seen 2025-11-13 15:32
Last seen 2026-01-02 17:44
Open for 50 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b197f7925dd

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-02 17:44

98.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b193ad76085

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-29 13:33

98.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.spelfriheten.se
Port: 443
URL: https://api.spelfriheten.se

First seen 2025-12-10 00:28
Last seen 2026-01-02 17:29
Open for 23 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa34cbd5979450db21b910e7a5dc2d376b003548463
```
GraphQL introspection enabled at /graphql
Types: 217 (by kind: ENUM: 12, INPUT_OBJECT: 27, INTERFACE: 2, OBJECT: 74, SCALAR: 72, UNION: 30)
Operations:
- Query: Query | fields: allAdmins, allUsers, me, user, userList
- Mutation: Mutation | fields: login, setupProfile, signup, updateProfile, uploadAvatar
Directives: auth, deprecated, include, oneOf, skip, specifiedBy (total: 6)
```
  Found on 2026-01-02 17:29
  
  121.5 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: content.muenchner-freiheit.de
Port: 443
URL: https://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 17:13
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b13c44504d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2026-01-02 17:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b04ea211

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-26 21:35

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b10a732e3d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-24 23:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1beb9f9ff

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-23 01:43

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-20 14:49

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-18 16:21

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b167cd6b0b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 02:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 15:12

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b83f7e17

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b176dfb18b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b15ecc9cf9

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11d32050d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-29 02:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-22 20:37

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11b0afd81

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-20 22:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b135731bb5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-16 10:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b147921c8a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19eb96636

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-01 04:44

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12116d430

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b120239506

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19104d47c

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19e090134

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev-wastescanner-api.dns.waste-scanner.com
Port: 80
URL: http://dev-wastescanner-api.dns.waste-scanner.com

First seen 2025-11-13 02:13
Last seen 2026-01-02 16:30
Open for 50 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa33fa935e17901c323c71f95b968f54d3ec79b224e
```
GraphQL introspection enabled at /graphql
Types: 199 (by kind: ENUM: 33, INPUT_OBJECT: 34, INTERFACE: 1, OBJECT: 121, SCALAR: 10)
Operations:
- Query: Query | fields: abilities, classifiers, me, users, version
- Mutation: Mutation | fields: createReport, deleteDocument, deleteReport, deleteUser, uploadDocument
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 16:30
  
  314.9 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.crm.goscribe.co.uk
Port: 80
URL: http://api.crm.goscribe.co.uk

First seen 2025-11-17 01:06
Last seen 2026-01-02 16:30
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b34fcd96685d2046e8b67ed60f636861c7a8414e

GraphQL introspection enabled at /graphql
Types: 70 (by kind: ENUM: 2, INPUT_OBJECT: 16, OBJECT: 47, SCALAR: 5)
Operations:
- Query: root | fields: companies, job_statuses, me, titles, users
- Mutation: mutation | fields: authenticate, generateJobNumber, updateJob, upsertJobAddress, upsertUserPageObjectSettings
- Subscription: subscription | fields: emailStatusUpdated
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 16:30

105.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: th-apac.smile-view.com
Port: 443
URL: https://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 16:27
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6d9bb31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 16:27

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e0a66559

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 14:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516a8daced

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 13:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510154fc39

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 07:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751233616bb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 09:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d1d8be61

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-21 09:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a005f4fd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 10:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751415efaef

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 01:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516e7df099

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-12 22:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a416a011

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 05:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751386a6a2d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751828b9dcf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751544b7517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511549a7d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128fec145

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f9d4dd7d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 14:10

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513132d4cb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-22 15:46

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775191f64f31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2e33cf079

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29c2d1b1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e267790285

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfalbertina.cpms46.se
Port: 443
URL: https://brfalbertina.cpms46.se

First seen 2025-12-03 10:19
Last seen 2026-01-02 16:23
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 16:23
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: vindogat.cpms46.se
Port: 443
URL: https://vindogat.cpms46.se

First seen 2025-12-03 10:19
Last seen 2026-01-02 15:52
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:52
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: keab.cpms46.se
Port: 443
URL: https://keab.cpms46.se

First seen 2025-12-03 10:23
Last seen 2026-01-02 15:44
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:44
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: parkering.securitas.se
Port: 443
URL: https://parkering.securitas.se

First seen 2025-10-30 15:26
Last seen 2026-01-02 15:38
Open for 64 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:38
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: calc.timeline.co
Port: 443
URL: https://calc.timeline.co

First seen 2025-11-30 00:51
Last seen 2026-01-02 15:37
Open for 33 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e35094065277ac6469656c169f3ad8f4ff06d8f4ff06
```
GraphQL introspection enabled at /api
Types: 76 (by kind: ENUM: 20, INPUT_OBJECT: 14, OBJECT: 32, SCALAR: 10)
Operations:
- Query: Query | fields: inheritanceTax, simulationResults, sustainableSpending
Directives: include, skip (total: 2)
```
  Found on 2026-01-02 15:37
  
  85.0 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: wiki.fatlizard.beer
Port: 443
URL: https://wiki.fatlizard.beer

First seen 2025-12-03 00:06
Last seen 2026-01-02 15:04
Open for 30 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3dec863f59258a9f72eacd4d9eb5bbc5a957af4f2

GraphQL introspection enabled at /graphql
Types: 134 (by kind: ENUM: 10, INPUT_OBJECT: 12, OBJECT: 107, SCALAR: 5)
Operations:
- Query: Query | fields: analytics, assets, authentication, comments, contribute
- Mutation: Mutation | fields: analytics, assets, authentication, comments, groups
- Subscription: Subscription | fields: loggingLiveTrail
Directives: auth, cacheControl, deprecated, include, rateLimit, skip, specifiedBy (total: 7)

Found on 2026-01-02 15:04

190.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.guide-medicament.com
Port: 80
URL: http://www.guide-medicament.com

First seen 2025-11-07 00:46
Last seen 2026-01-02 15:03
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3f8bd3c90cbf9ab54ce74920b67a41d81c612bf81
```
GraphQL introspection enabled at /graphql
Types: 26 (by kind: ENUM: 2, OBJECT: 20, SCALAR: 4)
Operations:
- Query: Query | fields: drug, drugs, testField
- Mutation: Mutation | fields: testField
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 15:03
  
  32.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: parkering.corem.se
Port: 443
URL: https://parkering.corem.se

First seen 2025-12-07 00:04
Last seen 2026-01-02 14:51
Open for 26 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:51
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: smartroute.io
Port: 443
URL: https://smartroute.io

First seen 2025-11-22 00:05
Last seen 2026-01-02 14:36
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa363034660c6076ae4ff1c06dd195a0af7cf7fc8c7
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 10, SCALAR: 6)
Operations:
- Query: Query | fields: vehicleByImei
- Mutation: Mutation | fields: createTracker
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 14:36
  
  22.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: prod.leasingberegner.com
Port: 443
URL: https://prod.leasingberegner.com

First seen 2025-12-08 00:19
Last seen 2026-01-02 14:26
Open for 25 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39fe05c1b5f1181593f8150e32795df9ff72fc9cb
```
GraphQL introspection enabled at /graphql
Types: 31 (by kind: ENUM: 2, OBJECT: 24, SCALAR: 5)
Operations:
- Query: Query | fields: brand, company, me
- Mutation: Mutation | fields: activateUser, changePassword, createOffer, createToken, refreshToken
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-02 14:26
  
  38.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: api-staging.maximomes.app
Port: 443
URL: https://api-staging.maximomes.app

First seen 2025-11-03 09:04
Last seen 2026-01-02 14:06
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 14:06

264.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-02 00:13

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e298c7f2a80af71f8c64af1d0c0f32bb9b2279ddec

GraphQL introspection enabled at /graphql/api
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-29 05:28

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e271fbc2d4c5e99d186f9b84380521e7ff132ad580

GraphQL introspection enabled at /graphql/api
Types: 265 (by kind: ENUM: 13, INPUT_OBJECT: 102, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-27 05:44

261.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e24619f22e3b6106de17cff00a451a1d79558322da

GraphQL introspection enabled at /graphql/api
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-22 17:20

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-14 15:16

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2
```
GraphQL introspection enabled at /graphql/api
```
Found on 2025-11-12 14:13

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-05 07:27

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 09:04

249.2 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: admin.takkei.se
Port: 80
URL: http://admin.takkei.se

First seen 2024-12-10 19:45
Last seen 2026-01-02 13:50
Open for 387 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfca832ed7f1ce48bb8f7a215dcb5641bac
```
Found 4 files trough .DS_Store spidering:

/fonts
/images
/images/colorbox
/images/jquerymobile
```
  Found on 2026-01-02 13:50
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev-backend.mechis.cz
Port: 80
URL: http://dev-backend.mechis.cz

First seen 2025-10-25 07:56
Last seen 2026-01-02 13:45
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31c95f0f9295a649b322fd57929a6944b5f67c07e

GraphQL introspection enabled at /graphql
Types: 164 (by kind: ENUM: 5, INPUT_OBJECT: 73, OBJECT: 78, SCALAR: 8)
Operations:
- Query: Query | fields: attachment, attachmentByStorageName, attachments, attachmentsByDeviceAndFiltersAndTags, attachmentsByMimeTypes
- Mutation: Mutation | fields: createAttachment, createDevice, deleteAttachment, updateAttachment, updateDevice
Directives: deprecated, include, skip, specifiedBy, validateOdometerToDate (total: 5)

Found on 2026-01-02 13:45

232.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa317434fa1b24bb963f0fb48b10d1699f317821756

GraphQL introspection enabled at /graphql
Types: 163 (by kind: ENUM: 5, INPUT_OBJECT: 73, OBJECT: 77, SCALAR: 8)
Operations:
- Query: Query | fields: attachment, attachmentByStorageName, attachments, attachmentsByDeviceAndFiltersAndTags, attachmentsByMimeTypes
- Mutation: Mutation | fields: createAttachment, createDevice, deleteAttachment, updateAttachment, updateDevice
Directives: deprecated, include, skip, specifiedBy, validateOdometerToDate (total: 5)

Found on 2025-12-26 16:10

229.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.maximomes.app
Port: 80
URL: http://api.maximomes.app

First seen 2025-10-23 23:49
Last seen 2026-01-02 13:40
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 13:40

265.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-30 22:26

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e3dbe78b4cff82898dba3ef523e55a902b4493d1

GraphQL introspection enabled at /graphql
Types: 265 (by kind: ENUM: 13, INPUT_OBJECT: 102, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-26 19:39

261.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-23 02:52

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-05 05:52

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 04:30

249.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d382c5e09a39156424130573eb8d023b72f7be1a

GraphQL introspection enabled at /graphql
Types: 252 (by kind: ENUM: 12, INPUT_OBJECT: 95, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: checkResetEmailToken, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: createEntry, deleteEntry, refreshToken, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-10-28 06:44

242.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: gamlestadenmobilitet.park46.se
Port: 443
URL: https://gamlestadenmobilitet.park46.se

First seen 2025-10-19 00:19
Last seen 2026-01-02 13:29
Open for 75 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:29
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: bigardenssff.cpms46.se
Port: 443
URL: https://bigardenssff.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 13:19
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:19
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: au-apac.smile-view.com
Port: 443
URL: https://au-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 13:09
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b4e4377

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 13:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751760dab47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 18:58

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751453b7333

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 01:38

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512c7fdc51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 16:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751201a4a95

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 18:40

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 06:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751db2f8065

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 06:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512dd51ca7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f692aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775159d666c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515a9b7a9f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516cd48f7f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-02 06:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128767491

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751acdaa877

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490dbaf340e11af340e11af340e11af340e11af340e11af340e11
```
GraphQL introspection enabled at /api/gql
```
Found on 2025-12-01 04:16

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d9cba587

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 20:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 15:11

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f82d4e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-26 18:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:51

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f628c2ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-21 10:24

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23a68196b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : total=3 limit=100 skip=0
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-18 06:21

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f5128399

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 21:33

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2d1c85db3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20aff96eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27108de7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b2ede85f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: app.mirandol.com
Port: 80
URL: http://app.mirandol.com

First seen 2025-11-18 00:48
Last seen 2026-01-02 12:52
Open for 45 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d88a1858c88a1858c88a1858c88a1858c
```
Found 1 files trough .DS_Store spidering:

/sitemap.xml
```
  Found on 2026-01-02 12:52
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: parkando.staging.park46.se
Port: 443
URL: https://parkando.staging.park46.se

First seen 2025-10-22 08:16
Last seen 2026-01-02 12:49
Open for 72 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:49
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: web.staging.samla.io
Port: 443
URL: https://web.staging.samla.io

First seen 2025-11-03 00:48
Last seen 2026-01-02 12:47
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31e61d79bacd27fd9288fff0db73c455fa55e90d3

GraphQL introspection enabled at /graphql
Types: 293 (by kind: ENUM: 33, INPUT_OBJECT: 117, INTERFACE: 6, OBJECT: 117, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: attachment, cacheVersion, calendar, findCacheKeys, version
- Mutation: Mutation | fields: addAttachment, createCalendar, newAddAttachment, newRemoveAttachment, removeAttachment
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 12:47

415.2 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfflora.cpms46.se
Port: 443
URL: https://brfflora.cpms46.se

First seen 2025-12-03 10:25
Last seen 2026-01-02 12:46
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:46
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: products.kite.ly
Port: 443
URL: https://products.kite.ly

First seen 2025-11-09 00:09
Last seen 2026-01-02 12:46
Open for 54 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d68cd6ae94e1e57258a781990e60e720bef1fb814a
```
GraphQL introspection enabled at /api/graphql
Types: 30 (by kind: ENUM: 3, OBJECT: 23, SCALAR: 4)
Operations:
- Query: RootQueryType | fields: catalog, colours, country, products, shipping
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-02 12:46
  
  49.5 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.trnrr.com
Port: 443
URL: https://api.trnrr.com

First seen 2025-12-02 22:43
Last seen 2026-01-02 12:38
Open for 30 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3213851d1aa5f031308ee72b13895a1bc6d75d44c

GraphQL introspection enabled at /graphql
Types: 85 (by kind: ENUM: 21, INPUT_OBJECT: 26, OBJECT: 31, SCALAR: 7)
Operations:
- Query: Query | fields: activeWorkoutSession, adminExercise, adminExercises, chatMessageCount, chatMessages
- Mutation: Mutation | fields: addExerciseAlias, addExerciseToTrainingPlan, completeOnboarding, createExercise, createTrainingPlan
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 12:38

109.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c2ca3dc0cc1cfe04af8b23dbff3b1e528161ee2e

GraphQL introspection enabled at /graphql
Types: 79 (by kind: ENUM: 21, INPUT_OBJECT: 21, OBJECT: 30, SCALAR: 7)
Operations:
- Query: Query | fields: activeWorkoutSession, chatMessageCount, chatMessages, currentActiveWorkoutSession, exercise
- Mutation: Mutation | fields: addExerciseToTrainingPlan, completeOnboarding, createTrainingPlan, createWorkoutSession, deleteTrainingPlan
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-26 17:49

99.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-18 20:30

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: lookups-api.ayamedica.com
Port: 80
URL: http://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 12:37
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d01296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 12:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22e47b134

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 18:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2772c7ed6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 16:04

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27834748c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 20:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23b1593d4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec209fadd96

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21eea699a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a5a9d2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec251fb6dce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-20 19:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 15:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec253e015b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 12:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22cd7cff6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-14 05:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fc56e7a4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec277395a5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-30 13:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26a23a37a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-28 12:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2750cafdc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 19:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2374976c8

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-24 14:33

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25f8bc5a6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-22 12:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db01bd1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-20 13:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2aa81f690

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-16 07:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 06:45

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2514c01aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-12 14:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27236ebaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-10 14:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d8f790

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 12:56

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e82052a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-04 19:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2686bfabe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 02:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec257acf1f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd3c56e0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2efe7e250

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-01 21:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e065d30a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 17:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28c4320ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2515c0f76

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24eaf1170

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e4c25c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2361210a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 11:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25fb8f51e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-24 10:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f4d9aa58

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:41

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20849f93a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20f604baa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec214598374

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ae854e78

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: investborgenstockholm.cpms46.se
Port: 443
URL: https://investborgenstockholm.cpms46.se

First seen 2025-12-03 10:23
Last seen 2026-01-02 12:37
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:37
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: silviasoftware.org
Port: 80
URL: http://silviasoftware.org

First seen 2024-12-14 21:50
Last seen 2026-01-02 12:27
Open for 383 days
- Severity: medium
  Fingerprint: 5f32cf5d6962f09c2acf29aa2acf29aacbb83818446858bbc4777e9b7940a890
```
Found 33 files trough .DS_Store spidering:

/404.html
/app.py
/css
/css/animate.css
/css/responsive.css
/css/style.css
/css/style2.css
/email.html
/fulfillment-policy.html
/img
/img/1.png
/img/2.png
/img/3.png
/img/4.png
/img/5.png
/img/6.png
/img/discord.png
/img/gym.jpg
/img/logo.jpeg
/img/logo.png
/img/p11.png
/img/p22.png
/index.html
/js
/js/faq.js
/js/main.js
/js/wow.js
/postMail.php
/privacy-policy.html
/Procfile
/products
/requirements.txt
/terms-and-conditions.html
```
  Found on 2026-01-02 12:27
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: seb.park46.se
Port: 443
URL: https://seb.park46.se

First seen 2025-12-13 00:21
Last seen 2026-01-02 12:12
Open for 20 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:12
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: bbhortkir.nyttig-info.dk
Port: 443
URL: https://bbhortkir.nyttig-info.dk

First seen 2025-07-18 00:06
Last seen 2026-01-02 12:10
Open for 168 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc837288bff59bf90a4cd9c223b6d9c6c7
```
Found 4 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
```
  Found on 2026-01-02 12:10
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f021ea090ae41dfe7d05d4973d05d4973
```
Found 3 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/vejledninger
```
  Found on 2025-12-12 22:52
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.portal.citygames.de
Port: 443
URL: https://api.portal.citygames.de

First seen 2025-11-11 03:46
Last seen 2026-01-02 12:07
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d9181c39a346585bfbe2b3f59676f8159676f815
```
GraphQL introspection enabled at /graphql
Types: 12 (by kind: ENUM: 2, OBJECT: 7, SCALAR: 3)
Operations:
- Query: Query | fields: _empty
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 12:07
  
  17.0 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: sollentunahem.park46.se
Port: 443
URL: https://sollentunahem.park46.se

First seen 2025-12-09 00:23
Last seen 2026-01-02 12:02
Open for 24 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:02
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: stay.thestationinnribblehead.com
Port: 443
URL: https://stay.thestationinnribblehead.com

First seen 2025-10-18 07:31
Last seen 2026-01-02 11:59
Open for 76 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dc3f3add607e4ebf4c1f8237ed824744f0fba1be

GraphQL introspection enabled at /api
Types: 69 (by kind: ENUM: 6, INPUT_OBJECT: 16, OBJECT: 39, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: accounts, calculateCost, calculateItemisedCost, currentBooking, currentOrganisations
- Mutation: RootMutationType | fields: createAccount, createAvailability, createBooking, createExtra, createPaymentIntent
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 11:59

113.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35012ec146f8ca75f3d96f610ddcdd11dda6b44e76c

GraphQL introspection enabled at /api
Types: 68 (by kind: ENUM: 5, INPUT_OBJECT: 16, OBJECT: 39, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: calculateCost, calculateItemisedCost, currentBooking, currentOrganisations, currentUser
- Mutation: RootMutationType | fields: createAccount, createAvailability, createBooking, createExtra, createPaymentIntent
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-08 12:44

113.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: playground.comgy-testing.club
Port: 443
URL: https://playground.comgy-testing.club

First seen 2025-11-18 01:18
Last seen 2026-01-02 11:56
Open for 45 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 11:56

123.0 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.inhousehealthandfitness.com
Port: 443
URL: https://www.inhousehealthandfitness.com

First seen 2024-12-24 00:20
Last seen 2026-01-02 11:47
Open for 374 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c62fb79d662fb79d6ded92525efad438e95f7fe576f944dbd

Found 95 files trough .DS_Store spidering:

/data
/fonts
/images
/images/asto.svg
/images/chocolat
/images/dark-logo.png
/images/double-pattern.png
/images/logo.png
/images/main-banner1-a.jpg
/images/main-banner1-b.jpg
/images/main-banner1-c.jpg
/images/main-banner1-d.jpg
/images/main-banner1-e.jpg
/images/main-banner1.jpg
/images/main-banner2.jpg
/images/main-profile.jpg
/images/map-bg-5.png
/images/map-bg.jpg
/images/map-bg.png
/images/portfolio-image-1.jpg
/images/portfolio-image-2.jpg
/images/portfolio-image-3.jpg
/images/portfolio-image-4.jpg
/images/portfolio-image-5.jpg
/images/portfolio-large-1.jpg
/images/portfolio-large-10.jpg
/images/portfolio-large-11.jpg
/images/portfolio-large-12.jpg
/images/portfolio-large-13.jpg
/images/portfolio-large-14.jpg
/images/portfolio-large-2.jpg
/images/portfolio-large-3.jpg
/images/portfolio-large-4.jpg
/images/portfolio-large-5.jpg
/images/portfolio-large-6.jpg
/images/portfolio-large-7.jpg
/images/portfolio-large-8.jpg
/images/portfolio-large-9.jpg
/images/portfolio-small-1.jpg
/images/portfolio-small-10.jpg
/images/portfolio-small-11.jpg
/images/portfolio-small-12.jpg
/images/portfolio-small-2.jpg
/images/portfolio-small-3.jpg
/images/portfolio-small-4.jpg
/images/portfolio-small-5.jpg
/images/portfolio-small-6.jpg
/images/portfolio-small-7.jpg
/images/portfolio-small-8.jpg
/images/portfolio-small-9.jpg
/images/portfolio-thumb-1.jpg
/images/portfolio-thumb-10.jpg
/images/portfolio-thumb-11.jpg
/images/portfolio-thumb-12.jpg
/images/portfolio-thumb-13.jpg
/images/portfolio-thumb-14.jpg
/images/portfolio-thumb-2.jpg
/images/portfolio-thumb-3.jpg
/images/portfolio-thumb-4.jpg
/images/portfolio-thumb-5.jpg
/images/portfolio-thumb-6.jpg
/images/portfolio-thumb-7.jpg
/images/portfolio-thumb-8.jpg
/images/portfolio-thumb-9.jpg
/images/portfolio1.jpg
/images/portfolio2.jpg
/images/portfolio3.jpg
/images/portfolio4.jpg
/images/portfolio5.jpg
/images/portfolio6.jpg
/images/post-image1.jpg
/images/post-large.jpg
/images/post-thumb-1.jpg
/images/post-thumb-2.jpg
/images/post-thumb-3.jpg
/images/post-thumb1.jpg
/images/post-thumb2.jpg
/images/post-thumb3.jpg
/images/review-bg.jpg
/images/reviewer-3.jpg
/images/reviewer-4.jpg
/images/single-image.jpg
/images/single-pattern.png
/images/StillsSession-12.jpg
/images/StillsSession-31.jpg
/images/StillsSession-32.jpg
/images/StillsSession-33.jpg
/images/team-image1.jpg
/images/team-image2.jpg
/images/team-image3.jpg
/images/team-image4.jpg
/images/team-image5.jpg
/images/team-image7.jpg
/images/team-image8.jpg
/images/video-image.jpg

Found on 2026-01-02 11:47

Severity: medium
Fingerprint: 5f32cf5d6962f09c0f1214d30f1214d3b20d2210a515c4e15af34deee0a16c8b

Found 94 files trough .DS_Store spidering:

/fonts
/images
/images/asto.svg
/images/chocolat
/images/dark-logo.png
/images/double-pattern.png
/images/logo.png
/images/main-banner1-a.jpg
/images/main-banner1-b.jpg
/images/main-banner1-c.jpg
/images/main-banner1-d.jpg
/images/main-banner1-e.jpg
/images/main-banner1.jpg
/images/main-banner2.jpg
/images/main-profile.jpg
/images/map-bg-5.png
/images/map-bg.jpg
/images/map-bg.png
/images/portfolio-image-1.jpg
/images/portfolio-image-2.jpg
/images/portfolio-image-3.jpg
/images/portfolio-image-4.jpg
/images/portfolio-image-5.jpg
/images/portfolio-large-1.jpg
/images/portfolio-large-10.jpg
/images/portfolio-large-11.jpg
/images/portfolio-large-12.jpg
/images/portfolio-large-13.jpg
/images/portfolio-large-14.jpg
/images/portfolio-large-2.jpg
/images/portfolio-large-3.jpg
/images/portfolio-large-4.jpg
/images/portfolio-large-5.jpg
/images/portfolio-large-6.jpg
/images/portfolio-large-7.jpg
/images/portfolio-large-8.jpg
/images/portfolio-large-9.jpg
/images/portfolio-small-1.jpg
/images/portfolio-small-10.jpg
/images/portfolio-small-11.jpg
/images/portfolio-small-12.jpg
/images/portfolio-small-2.jpg
/images/portfolio-small-3.jpg
/images/portfolio-small-4.jpg
/images/portfolio-small-5.jpg
/images/portfolio-small-6.jpg
/images/portfolio-small-7.jpg
/images/portfolio-small-8.jpg
/images/portfolio-small-9.jpg
/images/portfolio-thumb-1.jpg
/images/portfolio-thumb-10.jpg
/images/portfolio-thumb-11.jpg
/images/portfolio-thumb-12.jpg
/images/portfolio-thumb-13.jpg
/images/portfolio-thumb-14.jpg
/images/portfolio-thumb-2.jpg
/images/portfolio-thumb-3.jpg
/images/portfolio-thumb-4.jpg
/images/portfolio-thumb-5.jpg
/images/portfolio-thumb-6.jpg
/images/portfolio-thumb-7.jpg
/images/portfolio-thumb-8.jpg
/images/portfolio-thumb-9.jpg
/images/portfolio1.jpg
/images/portfolio2.jpg
/images/portfolio3.jpg
/images/portfolio4.jpg
/images/portfolio5.jpg
/images/portfolio6.jpg
/images/post-image1.jpg
/images/post-large.jpg
/images/post-thumb-1.jpg
/images/post-thumb-2.jpg
/images/post-thumb-3.jpg
/images/post-thumb1.jpg
/images/post-thumb2.jpg
/images/post-thumb3.jpg
/images/review-bg.jpg
/images/reviewer-3.jpg
/images/reviewer-4.jpg
/images/single-image.jpg
/images/single-pattern.png
/images/StillsSession-12.jpg
/images/StillsSession-31.jpg
/images/StillsSession-32.jpg
/images/StillsSession-33.jpg
/images/team-image1.jpg
/images/team-image2.jpg
/images/team-image3.jpg
/images/team-image4.jpg
/images/team-image5.jpg
/images/team-image7.jpg
/images/team-image8.jpg
/images/video-image.jpg

Found on 2025-01-18 08:17

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: id-apac.smile-view.com
Port: 80
URL: http://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 11:32
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f8694d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 11:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d49f985

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 18:47

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 19:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a0887d23

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 21:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775166133e47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-20 23:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510a73140f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-18 23:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517ab88e5d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 20:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bb731621

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-14 12:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775136c4e8d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-11 08:28

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b6829855

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511d5eb585

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517df48faf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775113916a25

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb89c12b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514976886d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e354736b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751505b7165

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:17

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e32edcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20e95b6dd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : skip=0 total=47 limit=100
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2c1e0f379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : total=34 limit=100 skip=0
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: tw-apac.smile-view.com
Port: 443
URL: https://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2026-01-02 11:07
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519bc36ae5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 11:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb24bd4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 20:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751011dc253

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-25 02:56

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bc71b4a5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 02:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a627db11

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 20:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b45f4d05

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 01:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ffa51131

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 19:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751087e4bf3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-14 14:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d31349b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 12:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 13:49

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-10 07:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:23

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775145338651

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-05 14:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fcfc3fcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516b050639

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d981a385

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e3fee20f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd6347b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514c86072f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:18

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e8c44b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2442097bf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e285730aad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29a71c85d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: t9.cpms46.se
Port: 443
URL: https://t9.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 10:55
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:55
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: nackaenergi.park46.se
Port: 443
URL: https://nackaenergi.park46.se

First seen 2025-10-23 00:12
Last seen 2026-01-02 10:43
Open for 71 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:43
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfmhp2.cpms46.se
Port: 443
URL: https://brfmhp2.cpms46.se

First seen 2025-12-03 10:22
Last seen 2026-01-02 10:38
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:38
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfparkhusen.cpms46.se
Port: 443
URL: https://brfparkhusen.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 10:38
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:38
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: obchod.stokrle.cz
Port: 443
URL: https://obchod.stokrle.cz

First seen 2025-10-19 22:29
Last seen 2026-01-02 10:35
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ad723d1d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1242
orders (args: optional/default) : totalCount=1331
returns (args: optional/default) : totalCount=54
orderCounts (args: none) : pendingCount=6 readyCount=1

Found on 2026-01-02 10:35

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59565cb1775

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1232
orders (args: optional/default) : totalCount=1317
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=0

Found on 2025-12-26 16:38

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ed97c5be

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1227
orders (args: optional/default) : totalCount=1311
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=5 readyCount=0

Found on 2025-12-21 05:59

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59580c0af5e

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1212
orders (args: optional/default) : totalCount=1296
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : readyCount=6 pendingCount=3

Found on 2025-12-19 03:34

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951af2234d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1192
orders (args: optional/default) : totalCount=1271
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=3

Found on 2025-12-16 20:24

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957aa9f08c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1163
orders (args: optional/default) : totalCount=1233
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=11

Found on 2025-12-14 09:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59582cae19c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1160
orders (args: optional/default) : totalCount=1230
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=8

Found on 2025-12-13 16:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5950005125d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1049
orders (args: optional/default) : totalCount=1101
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=5

Found on 2025-12-01 18:04

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5955139a5cd

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1033
orders (args: optional/default) : totalCount=1084
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-11-29 10:11

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953426fb17

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1028
orders (args: optional/default) : totalCount=1079
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=13

Found on 2025-11-27 06:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595c1b2ce33

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=20

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9e5ab79

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=20 pendingCount=2

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f99fef75

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1008
orders (args: optional/default) : totalCount=1073
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=13

Found on 2025-11-23 07:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595d0a703c3

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1001
orders (args: optional/default) : totalCount=1065
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=7

Found on 2025-11-21 13:19

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957bad3f71

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=988
orders (args: optional/default) : totalCount=1050
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-16 20:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953a7768b2

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=981
orders (args: optional/default) : totalCount=1043
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-14 21:22

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595119bdc9b

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=972
orders (args: optional/default) : totalCount=1031
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=10

Found on 2025-11-12 15:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc23607d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=967
orders (args: optional/default) : totalCount=1025
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=4

Found on 2025-11-10 18:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc179252

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=962
orders (args: optional/default) : totalCount=1020
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=5

Found on 2025-11-08 15:03

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59557758efe

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=958
orders (args: optional/default) : totalCount=1016
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-07 06:01

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5958d91a35c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=954
orders (args: optional/default) : totalCount=1012
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-05 13:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5952193e121

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=953
orders (args: optional/default) : totalCount=1011
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-03 10:06

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951c2bdb88

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=951
orders (args: optional/default) : totalCount=1009
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-02 05:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5956f3571b4

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=943
orders (args: optional/default) : totalCount=1001
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-29 08:58

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595909f1896

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=999
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-26 11:05

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fb80c7b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=998
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-24 10:25

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59579b1d7a8

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=939
orders (args: optional/default) : totalCount=994
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-22 11:40

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9ecd561

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=8

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: review.api.bookingworldspeakers.com
Port: 443
URL: https://review.api.bookingworldspeakers.com

First seen 2025-11-17 00:16
Last seen 2026-01-02 10:30
Open for 46 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa355717e3d7841d8df11d846911841d1c067fe96b0
```
GraphQL introspection enabled at /graphql
Types: 101 (by kind: ENUM: 8, INPUT_OBJECT: 35, INTERFACE: 1, OBJECT: 49, SCALAR: 8)
Operations:
- Query: RootType | fields: admins, bestAudiences, emailAvailable, getUsersById, me
- Mutation: Mutations | fields: attendEvent, banUser, changeAvatar, favoriteSpeaker, updateAudienceProfile
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:30
  
  167.6 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: ballongflygaren.cpms46.se
Port: 443
URL: https://ballongflygaren.cpms46.se

First seen 2025-12-03 10:26
Last seen 2026-01-02 10:28
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:28
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: byensnoegle.crowdfundinghub.dk
Port: 443
URL: https://byensnoegle.crowdfundinghub.dk

First seen 2025-12-13 00:01
Last seen 2026-01-02 10:20
Open for 20 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 10:20
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.guide-medicament.com
Port: 443
URL: https://www.guide-medicament.com

First seen 2025-11-07 00:46
Last seen 2026-01-02 10:14
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3f8bd3c90cbf9ab54ce74920b67a41d81c612bf81
```
GraphQL introspection enabled at /graphql
Types: 26 (by kind: ENUM: 2, OBJECT: 20, SCALAR: 4)
Operations:
- Query: Query | fields: drug, drugs, testField
- Mutation: Mutation | fields: testField
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 10:14
  
  32.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.beraten-aus-daten.de
Port: 80
URL: http://www.beraten-aus-daten.de

First seen 2025-11-24 02:45
Last seen 2026-01-02 09:55
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa34ece4d900a61065440eb28769c198e530ebac5bf
```
GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 11, SCALAR: 5)
Operations:
- Query: Query | fields: sdpReportStatistics, sdpReports
- Mutation: Mutation | fields: addAppUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0
```
  Found on 2026-01-02 09:55
  
  24.7 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: app.postexpress.io
Port: 443
URL: https://app.postexpress.io

First seen 2025-10-13 10:26
Last seen 2026-01-02 08:48
Open for 80 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8ef0d5608ef0d5608ef0d5608ef0d560
```
Found 1 files trough .DS_Store spidering:

/favicon
```
  Found on 2026-01-02 08:48
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: archive.blkdnm.com
Port: 443
URL: https://archive.blkdnm.com

First seen 2025-10-28 00:19
Last seen 2026-01-02 08:48
Open for 66 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34ddde82e05dc58de513b2056b1d6fe15d74f0221

GraphQL introspection enabled at /graphql
Types: 121 (by kind: ENUM: 2, INPUT_OBJECT: 4, INTERFACE: 2, OBJECT: 105, SCALAR: 7, UNION: 1)
Operations:
- Query: Query | fields: categories, collection, collections, fullCategories, init
- Mutation: Mutation | fields: changeCountry, changeLang, newsletterSubscription, postContactForm, raffleSubscription
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 08:48

193.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36d44e6ada88edc0fba85817b8c3286cac827733c

GraphQL introspection enabled at /graphql
Types: 119 (by kind: ENUM: 2, INPUT_OBJECT: 4, INTERFACE: 2, OBJECT: 103, SCALAR: 7, UNION: 1)
Operations:
- Query: Query | fields: categories, collection, collections, fullCategories, init
- Mutation: Mutation | fields: changeCountry, changeLang, newsletterSubscription, postContactForm, raffleSubscription
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-28 00:19

185.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: lts-api.meister1.com
Port: 443
URL: https://lts-api.meister1.com

First seen 2025-11-15 03:20
Last seen 2026-01-02 08:37
Open for 48 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3a18b8ec37f5fad41049c1fb5a0a19a64a0089bc4
```
GraphQL introspection enabled at /graphql
Types: 226 (by kind: ENUM: 22, INPUT_OBJECT: 71, INTERFACE: 3, OBJECT: 123, SCALAR: 7)
Operations:
- Query: Query | fields: account, lead, orderableProducts, smtpConfigTemplates, viewer
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, accountUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 08:37
  
  240.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: admin.ogogofitness.com
Port: 80
URL: http://admin.ogogofitness.com

First seen 2025-11-28 01:08
Last seen 2026-01-02 08:31
Open for 35 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6845c28677ad6a4557d0628ca3dfd135da8043e09
```
GraphQL introspection enabled at /api/graphql
Types: 115 (by kind: ENUM: 3, INPUT_OBJECT: 29, INTERFACE: 1, OBJECT: 75, SCALAR: 7)
Operations:
- Query: Query | fields: apiKey, apiKeys, builder, builderExercise, builderExercises
- Mutation: Mutation | fields: completeWorkout, createBuilder, deleteApiKey, deleteBuilder, deleteBuilderExercise
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 08:31
  
  132.9 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: mga-international.blockinvest.technology
Port: 443
URL: https://mga-international.blockinvest.technology

First seen 2024-12-17 11:35
Last seen 2026-01-02 08:24
Open for 380 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b0d34cd89498449f102be439fa62d44b3
```
Found 14 files trough .DS_Store spidering:

/actual-plan-curve.xlsx
/actual-plan-curve_old.xlsx
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/business-plan-curve-old.xlsx
/business-plan-curve.xlsx
/email_assets
/favicon.ico
/recovery-plan-curve-old.xlsx
/recovery-plan-curve.xlsx
/robots.txt
/sample_invite.csv
/Terms_and_Condition_BlockInvest.pdf
/Terms_and_Condition_BlockInvest_Old.pdf
```
  Found on 2026-01-02 08:24
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: monolith-api.ayamedica.com
Port: 443
URL: https://monolith-api.ayamedica.com

First seen 2025-10-19 22:22
Last seen 2026-01-02 07:47
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33183c6fd8d61be1f410e8f10231defc24b56f811

GraphQL introspection enabled at /graphql
Types: 295 (by kind: ENUM: 19, INPUT_OBJECT: 42, OBJECT: 224, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfAppointmentExists, readAllAppointments, readAppointmentDetails, readAppointmentPatients, readAppointments
- Mutation: Mutation | fields: cancelSchoolAppointment, checkOutSchoolAppointment, createSchoolAppointment, deleteSchoolAppointment, editSchoolAppointment
- Subscription: Subscription | fields: importProgress, progrssUpload
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 07:47

370.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-30 21:57

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33183c6fd8d61be1f410e8f10231defc24c56f9e2

GraphQL introspection enabled at /graphql
Types: 295 (by kind: ENUM: 19, INPUT_OBJECT: 42, OBJECT: 224, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfAppointmentExists, readAllAppointments, readAppointmentDetails, readAppointmentPatients, readAppointments
- Mutation: Mutation | fields: cancelSchoolAppointment, checkOutSchoolAppointment, createSchoolAppointment, deleteSchoolAppointment, editSchoolAppointment
- Subscription: Subscription | fields: importProgress, progrssUpload
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-10-19 22:22

370.6 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: system.jordanxavierconnect.co.uk
Port: 443
URL: https://system.jordanxavierconnect.co.uk

First seen 2025-08-11 20:34
Last seen 2026-01-02 07:45
Open for 143 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814e2cd21bea437d53d840ac318f582f37fb
```
Found 6 files trough .DS_Store spidering:

/assets
/js
/uploads
/uploads/tmp
/uploads/tmp/1609181085-54346-0008-8900
/uploads/tmp/1609181157-54346-0009-4621
```
  Found on 2026-01-02 07:45
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0ff409caf1ca123a392938216e2938216e
```
Found 3 files trough .DS_Store spidering:

/assets
/js
/uploads
```
  Found on 2025-11-12 20:05
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d86bfb45c8612ad1a940c4fe9f53df2b34
```
Found 8 files trough .DS_Store spidering:

/assets
/assets/images
/assets/js
/js
/uploads
/uploads/tmp
/uploads/tmp/1609181085-54346-0008-8900
/uploads/tmp/1609181157-54346-0009-4621
```
  Found on 2025-09-06 09:19
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.fussballinfos.ch
Port: 443
URL: https://www.fussballinfos.ch

First seen 2025-11-08 00:23
Last seen 2026-01-02 07:38
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:38
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.falsch-parker.ch
Port: 443
URL: https://api.falsch-parker.ch

First seen 2025-10-29 01:08
Last seen 2026-01-02 07:37
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 07:37

168.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-18 07:56

171.0 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.tangram-dashboard.com
Port: 443
URL: https://www.tangram-dashboard.com

First seen 2025-03-06 00:43
Last seen 2026-01-02 07:25
Open for 302 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7abf60e5353930a2f012da8684c14f7bb

Found 128 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/avatars
/avatars/aircargonews.png
/avatars/automotivelogistics.jpeg
/avatars/bollore_logistics.png
/avatars/ceva_logistics.png
/avatars/cmacgm.jpeg
/avatars/cmacgmfrance.jpeg
/avatars/corsematin.png
/avatars/dc_velocity.gif
/avatars/foodlogistics.jpeg
/avatars/generic.png
/avatars/inbound_logistics.jpeg
/avatars/joc.jpeg
/avatars/journalmarinemarchande.jpeg
/avatars/lameridionale.png
/avatars/laprovence.jpeg
/avatars/latribune.png
/avatars/lemarin.jpeg
/avatars/lloyds-list.jpg
/avatars/logistics_management.jpeg
/avatars/logistics_manager.jpeg
/avatars/mer-et-marine.jpeg
/avatars/rodolphe_saade.jpeg
/avatars/sdcexec.jpeg
/avatars/shipping_watch.jpeg
/avatars/supplychaindive.jpeg
/avatars/tradewinds.png
/avatars/transporttopics.png
/avatars/WSJ.jpeg
/avatars/zebox.jpeg
/banners
/data.txt
/favicon.ico
/flags
/fonts
/images
/images/aberdeen-hong-kong-12-may-2019-aerial-view-of-co-2023-11-27-05-08-34-utc.webp
/images/aerial-view-of-container-cargo-ship-with-container-2023-11-27-15-51-29-utc.webp
/images/aerial-view-of-logistic-center-2023-11-27-05-06-08-utc.webp
/images/ai
/images/ai_2.png
/images/avatar1.png
/images/avatar2.png
/images/avatar3.png
/images/avatar4.png
/images/avatar5.png
/images/bcg.png
/images/bcg.svg
/images/blockchain
/images/blockchain.png
/images/cargo-carrier-ships-at-sunset-2023-11-27-05-12-51-utc.webp
/images/cargo-tanker-ships-in-transportation-concept-ship-2023-11-27-05-17-03-utc.webp
/images/cma-cgm.svg
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-04-54-50-utc.webp
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-05-27-26-utc.webp
/images/container-port-in-nightfall-2023-11-27-05-29-43-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-04-52-34-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-05-08-17-utc.webp
/images/container-ships-cranes-and-containers-at-port-in-2023-11-27-05-11-58-utc.webp
/images/container-terminal-2023-11-27-05-24-48-utc.webp
/images/container-terminal-2023-11-27-05-33-54-utc.webp
/images/containers-on-a-vessel-global-market-cargo-shipp-2023-11-27-05-13-43-utc.webp
/images/cranes-and-containers-at-port-2023-11-27-04-58-05-utc.webp
/images/decarbonization
/images/decarbonization.png
/images/digitalization
/images/digitalization.png
/images/HEC_Paris.svg
/images/imperial.png
/images/Imperial_College_London.svg
/images/industrial-port-with-containers-vessel-loading-in-2023-11-27-05-31-50-utc.webp
/images/industry-at-port-basel-switzerland-2023-11-27-05-30-36-utc.webp
/images/innovation
/images/innovation.png
/images/interior-of-warehouse-in-logistic-center-2023-11-27-04-57-57-utc.webp
/images/kwai-chung-hong-kong-27-january-2022-top-down-vi-2023-11-27-05-14-06-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-01-00-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-20-03-utc.webp
/images/leadership
/images/leadership.png
/images/location.svg
/images/logo.svg
/images/metaverse
/images/news_interne.svg
/images/random
/images/random/random-1.webp
/images/random/random-2.webp
/images/random/random-3.webp
/images/random/random-4.webp
/images/random/random-5.webp
/images/random/random-6.webp
/images/random/random-7.webp
/images/random/random-8.webp
/images/random/random-9.webp
/images/suitcase.svg
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-04-58-20-utc.webp
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-05-29-31-utc.webp
/images/warehouse-logistics-is-important-2023-11-27-05-32-06-utc.webp
/images/world.svg
/pictos
/pictos/ai-white.svg
/pictos/ai.svg
/pictos/airplane.svg
/pictos/black-comment.svg
/pictos/blockchain-white.svg
/pictos/blockchain.svg
/pictos/boat.svg
/pictos/calendar.svg
/pictos/candle.svg
/pictos/car.svg
/pictos/children.svg
/pictos/comment-gray.svg
/pictos/comment.svg
/pictos/contract.svg
/pictos/decarbonization-white.svg
/pictos/decarbonization.svg
/pictos/digitalization-white.svg
/pictos/digitalization.svg
/pictos/duo-heart.svg
/pictos/green-comment.svg
/pictos/heart.svg
/pictos/helix.svg
/pictos/hours.svg

Found on 2026-01-02 07:25

Severity: low
Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b92705af73eecf6fbb17db4acf11230ed

Found 14 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/avatars
/banners
/data.txt
/favicon.ico
/flags
/fonts
/images
/pictos
/robots.txt

Found on 2025-09-09 06:19

Severity: medium
Fingerprint: 5f32cf5d6962f09cd9e41e64d9e41e64db85050ef8cc8698e800567d46890f93

Found 97 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/avatars
/avatars/aircargonews.png
/avatars/automotivelogistics.jpeg
/avatars/bollore_logistics.png
/avatars/ceva_logistics.png
/avatars/cmacgm.jpeg
/avatars/cmacgmfrance.jpeg
/avatars/corsematin.png
/avatars/dc_velocity.gif
/avatars/foodlogistics.jpeg
/avatars/generic.png
/avatars/inbound_logistics.jpeg
/avatars/joc.jpeg
/avatars/journalmarinemarchande.jpeg
/avatars/lameridionale.png
/avatars/laprovence.jpeg
/avatars/latribune.png
/avatars/lemarin.jpeg
/avatars/lloyds-list.jpg
/avatars/logistics_management.jpeg
/avatars/logistics_manager.jpeg
/avatars/mer-et-marine.jpeg
/avatars/rodolphe_saade.jpeg
/avatars/sdcexec.jpeg
/avatars/shipping_watch.jpeg
/avatars/supplychaindive.jpeg
/avatars/tradewinds.png
/avatars/transporttopics.png
/avatars/WSJ.jpeg
/avatars/zebox.jpeg
/banners
/data.txt
/favicon.ico
/flags
/fonts
/images
/images/aberdeen-hong-kong-12-may-2019-aerial-view-of-co-2023-11-27-05-08-34-utc.webp
/images/aerial-view-of-container-cargo-ship-with-container-2023-11-27-15-51-29-utc.webp
/images/aerial-view-of-logistic-center-2023-11-27-05-06-08-utc.webp
/images/ai
/images/ai_2.png
/images/avatar1.png
/images/avatar2.png
/images/avatar3.png
/images/avatar4.png
/images/avatar5.png
/images/bcg.png
/images/bcg.svg
/images/blockchain
/images/blockchain.png
/images/cargo-carrier-ships-at-sunset-2023-11-27-05-12-51-utc.webp
/images/cargo-tanker-ships-in-transportation-concept-ship-2023-11-27-05-17-03-utc.webp
/images/cma-cgm.svg
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-04-54-50-utc.webp
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-05-27-26-utc.webp
/images/container-port-in-nightfall-2023-11-27-05-29-43-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-04-52-34-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-05-08-17-utc.webp
/images/container-ships-cranes-and-containers-at-port-in-2023-11-27-05-11-58-utc.webp
/images/container-terminal-2023-11-27-05-24-48-utc.webp
/images/container-terminal-2023-11-27-05-33-54-utc.webp
/images/containers-on-a-vessel-global-market-cargo-shipp-2023-11-27-05-13-43-utc.webp
/images/cranes-and-containers-at-port-2023-11-27-04-58-05-utc.webp
/images/decarbonization
/images/decarbonization.png
/images/digitalization
/images/digitalization.png
/images/HEC_Paris.svg
/images/imperial.png
/images/Imperial_College_London.svg
/images/industrial-port-with-containers-vessel-loading-in-2023-11-27-05-31-50-utc.webp
/images/industry-at-port-basel-switzerland-2023-11-27-05-30-36-utc.webp
/images/innovation
/images/innovation.png
/images/interior-of-warehouse-in-logistic-center-2023-11-27-04-57-57-utc.webp
/images/kwai-chung-hong-kong-27-january-2022-top-down-vi-2023-11-27-05-14-06-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-01-00-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-20-03-utc.webp
/images/leadership
/images/leadership.png
/images/location.svg
/images/logo.svg
/images/metaverse
/images/news_interne.svg
/images/random
/images/suitcase.svg
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-04-58-20-utc.webp
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-05-29-31-utc.webp
/images/warehouse-logistics-is-important-2023-11-27-05-32-06-utc.webp
/images/world.svg
/pictos
/robots.txt

Found on 2025-03-20 20:43

Severity: medium
Fingerprint: 5f32cf5d6962f09cca8154c9ca8154c9451066a1ea149df9a1ef310e5d29a316

Found 126 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/avatars
/banners
/data.txt
/favicon.ico
/flags
/fonts
/images
/images/aberdeen-hong-kong-12-may-2019-aerial-view-of-co-2023-11-27-05-08-34-utc.webp
/images/aerial-view-of-container-cargo-ship-with-container-2023-11-27-15-51-29-utc.webp
/images/aerial-view-of-logistic-center-2023-11-27-05-06-08-utc.webp
/images/ai
/images/ai_2.png
/images/avatar1.png
/images/avatar2.png
/images/avatar3.png
/images/avatar4.png
/images/avatar5.png
/images/bcg.png
/images/bcg.svg
/images/blockchain
/images/blockchain.png
/images/cargo-carrier-ships-at-sunset-2023-11-27-05-12-51-utc.webp
/images/cargo-tanker-ships-in-transportation-concept-ship-2023-11-27-05-17-03-utc.webp
/images/cma-cgm.svg
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-04-54-50-utc.webp
/images/container-cargo-ship-in-the-export-and-import-busi-2023-11-27-05-27-26-utc.webp
/images/container-port-in-nightfall-2023-11-27-05-29-43-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-04-52-34-utc.webp
/images/container-ship-and-cranes-at-port-2023-11-27-05-08-17-utc.webp
/images/container-ships-cranes-and-containers-at-port-in-2023-11-27-05-11-58-utc.webp
/images/container-terminal-2023-11-27-05-24-48-utc.webp
/images/container-terminal-2023-11-27-05-33-54-utc.webp
/images/containers-on-a-vessel-global-market-cargo-shipp-2023-11-27-05-13-43-utc.webp
/images/cranes-and-containers-at-port-2023-11-27-04-58-05-utc.webp
/images/decarbonization
/images/decarbonization.png
/images/digitalization
/images/digitalization.png
/images/HEC_Paris.svg
/images/imperial.png
/images/Imperial_College_London.svg
/images/industrial-port-with-containers-vessel-loading-in-2023-11-27-05-31-50-utc.webp
/images/industry-at-port-basel-switzerland-2023-11-27-05-30-36-utc.webp
/images/innovation
/images/innovation.png
/images/interior-of-warehouse-in-logistic-center-2023-11-27-04-57-57-utc.webp
/images/kwai-chung-hong-kong-27-january-2022-top-down-vi-2023-11-27-05-14-06-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-01-00-utc.webp
/images/kwai-tsing-hong-kong-12-february-2019-container-2023-11-27-05-20-03-utc.webp
/images/leadership
/images/leadership.png
/images/location.svg
/images/logo.svg
/images/metaverse
/images/news_interne.svg
/images/random
/images/random/random-1.webp
/images/random/random-2.webp
/images/random/random-3.webp
/images/random/random-4.webp
/images/random/random-5.webp
/images/random/random-6.webp
/images/random/random-7.webp
/images/random/random-8.webp
/images/random/random-9.webp
/images/suitcase.svg
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-04-58-20-utc.webp
/images/transportation-logistics-and-container-dock-cargo-2023-11-27-05-29-31-utc.webp
/images/warehouse-logistics-is-important-2023-11-27-05-32-06-utc.webp
/images/world.svg
/pictos
/pictos/ai-white.svg
/pictos/ai.svg
/pictos/airplane.svg
/pictos/black-comment.svg
/pictos/blockchain-white.svg
/pictos/blockchain.svg
/pictos/boat.svg
/pictos/calendar.svg
/pictos/candle.svg
/pictos/car.svg
/pictos/children.svg
/pictos/comment-gray.svg
/pictos/comment.svg
/pictos/contract.svg
/pictos/decarbonization-white.svg
/pictos/decarbonization.svg
/pictos/digitalization-white.svg
/pictos/digitalization.svg
/pictos/duo-heart.svg
/pictos/green-comment.svg
/pictos/heart.svg
/pictos/helix.svg
/pictos/hours.svg
/pictos/icon.png
/pictos/innovation-white.svg
/pictos/innovation.svg
/pictos/leadership-white.svg
/pictos/leadership.svg
/pictos/like.svg
/pictos/linkedin-blue.svg
/pictos/linkedin.svg
/pictos/metaverse-white.svg
/pictos/metaverse.svg
/pictos/phare-1.svg
/pictos/phare-2.svg
/pictos/pink-heart.svg
/pictos/red-heart-puzzle.svg
/pictos/red-heart.svg
/pictos/retweet.svg
/pictos/runner.svg
/pictos/simple_worldmap.svg
/pictos/trainee.svg
/pictos/up.svg
/pictos/vessel.svg
/pictos/warehouse.svg
/pictos/white-heart.svg
/pictos/white-up.svg
/pictos/x.svg
/pictos/young-people.svg
/robots.txt

Found on 2025-03-10 07:13

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: amr-testing.comgy-testing.club
Port: 443
URL: https://amr-testing.comgy-testing.club

First seen 2025-11-18 00:58
Last seen 2026-01-02 07:16
Open for 45 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 07:16

123.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfvimanstradgard.cpms46.se
Port: 443
URL: https://brfvimanstradgard.cpms46.se

First seen 2025-12-03 10:25
Last seen 2026-01-02 07:08
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:08
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: ksa-lookups-api.ayamedica.com
Port: 443
URL: https://ksa-lookups-api.ayamedica.com

First seen 2025-10-19 22:09
Last seen 2026-01-02 07:06
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c838013e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 07:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-30 09:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec232f711b6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22507d28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 09:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f7e44c2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 11:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea4be6de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 05:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2581a596a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2650de28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec237b4469c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b5a1e7fc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 18:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d0bdec44

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 16:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c08956d6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a2780bfc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-06 06:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fd00e2ec

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 20:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-28 15:05

77.1 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6fd17a7

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-11-26 18:49

77.1 kBytes

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fa63432a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-23 05:09

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 10:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20215298e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-18 09:42

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ad0393be

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a24cec90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-12 15:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22f091b90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 14:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2804a94ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 13:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2343dc23e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-07 02:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23adaff88

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 12:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26cec10ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-01 03:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29cd38086

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-30 20:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c50d87d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 11:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a6c84f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 05:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28385e7ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-24 06:13

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec256367398

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec281699c3c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2dba6f438

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2038456eb

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 18)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:09

77.4 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: c24bygg.cpms46.se
Port: 443
URL: https://c24bygg.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 07:00
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:00
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.school-application.ie
Port: 443
URL: https://api.school-application.ie

First seen 2025-11-27 01:08
Last seen 2026-01-02 06:33
Open for 36 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 06:33
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: boost.tequila.ink
Port: 443
URL: https://boost.tequila.ink

First seen 2025-12-10 00:07
Last seen 2026-01-02 06:29
Open for 23 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 06:29
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: skyddanuijonkoping.cpms46.se
Port: 443
URL: https://skyddanuijonkoping.cpms46.se

First seen 2025-11-11 08:14
Last seen 2026-01-02 06:08
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 06:08
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: ksa-lookups-api.ayamedica.com
Port: 80
URL: http://ksa-lookups-api.ayamedica.com

First seen 2025-10-21 19:52
Last seen 2026-01-02 06:01
Open for 72 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c166e99a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2026-01-02 06:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec294407b00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 23:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22bd618bc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-25 00:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2961cdb7e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 21:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2580352fe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e62569aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b3130b2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 13:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25dd9eca4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-18 10:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 05:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bc6ac904

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-14 03:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21a1f3f7a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 11:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-10 17:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea689494

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-08 03:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec218b01c60

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 14:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b65ad688

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 18:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb1ada9c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-22 19:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 01:47

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec296dab77c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 14:40

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 16:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28d95ace2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 23:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b71a430c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 20:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-07 04:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2011a5b0e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24c3ffa00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 05:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 18:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c53b7298

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 12:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b460b5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28cbea418

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26da55d84

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb14d296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.swipy.pro
Port: 443
URL: https://api.swipy.pro

First seen 2025-10-19 21:47
Last seen 2026-01-02 06:01
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19746d6bdd

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2026-01-02 06:01

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19b3af2f85

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-26 23:02

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19ade1c07f

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-25 00:24

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19f59637e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-22 21:04

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f191c710113

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19cabc88fb

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19c8edee7d

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f199a855f51

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19324b40e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false

Found on 2025-10-19 21:47

234.8 kBytes 27 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: gateway-data-api.comgy-testing.club
Port: 443
URL: https://gateway-data-api.comgy-testing.club

First seen 2025-11-18 01:19
Last seen 2026-01-02 05:57
Open for 45 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 05:57

123.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: staging.api.issassetmanager.se
Port: 443
URL: https://staging.api.issassetmanager.se

First seen 2025-11-22 01:43
Last seen 2026-01-02 05:57
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3928379fbcfaf8bf9a8190b48b897e626332e65f0
```
GraphQL introspection enabled at /graphql
Types: 93 (by kind: ENUM: 4, INPUT_OBJECT: 50, OBJECT: 33, SCALAR: 6)
Operations:
- Query: Query | fields: building, companies, company, project, projects
- Mutation: Mutation | fields: createCompany, createProject, deleteCompany, updateCompany, updateProject
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 05:57
  
  105.5 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: my-api.venyou.no
Port: 443
URL: https://my-api.venyou.no

First seen 2025-11-30 00:11
Last seen 2026-01-02 05:33
Open for 33 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-02 05:33

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-30 00:11

512.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.crowdfundingdanmark.dk
Port: 443
URL: https://www.crowdfundingdanmark.dk

First seen 2025-11-23 00:21
Last seen 2026-01-02 05:01
Open for 40 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 05:01
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c42ef4a6565d38d63e30e713e6ce51b23e9f2d22
```
GraphQL introspection enabled at /graphql
Types: 543 (by kind: ENUM: 64, INPUT_OBJECT: 70, INTERFACE: 1, OBJECT: 318, SCALAR: 11, UNION: 79)
Operations:
- Query: Query | fields: fields, me, openLoanQuotes, publicContent, secondaryMarketListings
- Mutation: Mutation | fields: mutateExternalFile, mutateFields, mutateForumPost, mutateProject, mutateShare
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-30 14:23
  
  2.8 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: upab.park46.se
Port: 443
URL: https://upab.park46.se

First seen 2025-10-17 00:51
Last seen 2026-01-02 04:53
Open for 77 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 04:53
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: revest.it
Port: 443
URL: https://revest.it

First seen 2025-11-16 00:14
Last seen 2026-01-02 04:21
Open for 47 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db59139cb99

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2508 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2026-01-02 04:21

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5d2bca6c0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db518fcb704

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:08

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-24 06:44

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-22 08:06

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-20 09:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-18 10:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b97398ab

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-12 12:11

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5f55aa349

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b66a4473

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5ee7a2fcf

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-02 05:45

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5296e91b0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db513afe29e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:38

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 13:26

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db567af57b7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: mothership-staging.livecolonies.com
Port: 443
URL: https://mothership-staging.livecolonies.com

First seen 2025-11-12 01:33
Last seen 2026-01-02 04:17
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 04:17
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: calc-staging.timeline.co
Port: 80
URL: http://calc-staging.timeline.co

First seen 2025-12-09 01:01
Last seen 2026-01-02 04:17
Open for 24 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e35094065277ac6469656c169f3ad8f4ff06d8f4ff06
```
GraphQL introspection enabled at /api
Types: 76 (by kind: ENUM: 20, INPUT_OBJECT: 14, OBJECT: 32, SCALAR: 10)
Operations:
- Query: Query | fields: inheritanceTax, simulationResults, sustainableSpending
Directives: include, skip (total: 2)
```
  Found on 2026-01-02 04:17
  
  85.0 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.crowdfundinghub.dk
Port: 443
URL: https://www.crowdfundinghub.dk

First seen 2025-10-17 19:35
Last seen 2026-01-02 04:06
Open for 76 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 04:06
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c42ef4a6565d38d63e30e713e6ce51b23e9f2d22
```
GraphQL introspection enabled at /graphql
Types: 543 (by kind: ENUM: 64, INPUT_OBJECT: 70, INTERFACE: 1, OBJECT: 318, SCALAR: 11, UNION: 79)
Operations:
- Query: Query | fields: fields, me, openLoanQuotes, publicContent, secondaryMarketListings
- Mutation: Mutation | fields: mutateExternalFile, mutateFields, mutateForumPost, mutateProject, mutateShare
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-01 08:41
  
  2.8 MBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.pyhaluostoliving.fi
Port: 80
URL: http://www.pyhaluostoliving.fi

First seen 2025-01-29 07:33
Last seen 2026-01-02 03:53
Open for 337 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 03:53
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.pyhaluostoliving.fi
Port: 443
URL: https://www.pyhaluostoliving.fi

First seen 2025-01-29 07:33
Last seen 2026-01-02 03:53
Open for 337 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 03:53
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.mtnstaffpredictor.com
Port: 443
URL: https://www.mtnstaffpredictor.com

First seen 2025-10-22 00:24
Last seen 2026-01-02 02:32
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a022fb7aa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2026-01-02 02:32

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a6478b15e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-30 10:56

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a0ce3cefe

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-26 05:58

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ad0af8536

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-22 23:12

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ada28fdc2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a97efce4e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-18 17:44

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aa9305f6a

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-16 12:53

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aedf969ca

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-13 08:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a497764fa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-08 07:57

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ae53ae9be

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-01 04:46

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aeed92092

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-11-27 07:11

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aece152a6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-21 05:33

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a2e4ff3d0

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-12 11:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ab809fd72

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-11-06 22:37

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5abf823ac6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-10-24 07:21

25.6 kBytes 9 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: id-apac.smile-view.com
Port: 443
URL: https://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 02:30
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ade27b79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 02:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-27 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-25 04:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775122d73e19

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-23 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160671989

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751271b66ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 02:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b2f1c1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6692e77

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f7fc4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 21:26

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d06b5a51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751542f3665

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 19:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517998166d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115658f21

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515eec5bdb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 10:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751deff218d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 18:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:54

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513b6d56c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 10:22

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25e3313e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-18 06:27

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25f9ecef9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-16 21:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2521fec4b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2922e7af9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2855a9107

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b06c8689

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: halsobrunnen.cpms46.se
Port: 443
URL: https://halsobrunnen.cpms46.se

First seen 2025-11-11 08:14
Last seen 2026-01-02 02:24
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 02:24
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfvalhalluppsala.cpms46.se
Port: 443
URL: https://brfvalhalluppsala.cpms46.se

First seen 2025-11-11 06:54
Last seen 2026-01-02 02:24
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 02:24
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.mtnstaffpredictor.com
Port: 80
URL: http://www.mtnstaffpredictor.com

First seen 2025-10-22 00:24
Last seen 2026-01-02 02:21
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aedf969ca

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2026-01-02 02:21

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a0ce3cefe

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-27 05:40

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ada28fdc2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-25 04:21

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a2e4ff3d0

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-23 05:47

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a022fb7aa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a6478b15e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5abf823ac6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-19 01:07

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a497764fa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-11-30 23:17

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ad5c42758

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-11-16 18:26

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aece152a6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-12 15:05

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ac1fa3e2c

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-11-07 02:44

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ab809fd72

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-10-30 20:35

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a97efce4e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-10-24 06:12

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aeed92092

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-10-22 00:24

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a73ee3ac2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-10-22 00:24

25.6 kBytes 9 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api-server-staging.freelancerepublik.com
Port: 443
URL: https://api-server-staging.freelancerepublik.com

First seen 2025-11-08 00:22
Last seen 2026-01-02 02:04
Open for 55 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33017047b2e9f8f792fc053504ea2bd85cca2615c

GraphQL introspection enabled at /graphql
Types: 194 (by kind: ENUM: 40, INPUT_OBJECT: 63, INTERFACE: 2, OBJECT: 79, SCALAR: 10)
Operations:
- Query: Query | fields: authStats, candidateQualification, clientOpportunities, contractDocuments, contractList
- Mutation: Mutation | fields: acceptTerms, contractMarkAsSent, contractMerge, freelanceExternalDocumentAdd, freelanceExternalDocumentEdit
- Subscription: Subscription | fields: missionUpdated, userNotified, userUpdated
Directives: auth, deprecated, include, oneOf, skip, specifiedBy (total: 6)

Found on 2026-01-02 02:04

215.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: leksandsbostader.park46.se
Port: 443
URL: https://leksandsbostader.park46.se

First seen 2025-10-28 01:09
Last seen 2026-01-02 01:48
Open for 66 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:48
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev.api.falsch-parker.ch
Port: 443
URL: https://dev.api.falsch-parker.ch

First seen 2025-10-29 01:09
Last seen 2026-01-02 01:29
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa333c43962f41e5b32791b7acaede662e70da948d7

GraphQL introspection enabled at /graphql
Types: 123 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 40, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 01:29

166.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-29 00:06

167.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-14 09:57

171.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: centralgaragetsff.cpms46.se
Port: 443
URL: https://centralgaragetsff.cpms46.se

First seen 2025-11-11 06:54
Last seen 2026-01-02 01:18
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:18
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: lemont.cpms46.se
Port: 443
URL: https://lemont.cpms46.se

First seen 2025-11-11 06:52
Last seen 2026-01-02 01:18
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:18
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.beraten-aus-daten.de
Port: 443
URL: https://www.beraten-aus-daten.de

First seen 2025-11-24 02:45
Last seen 2026-01-02 01:09
Open for 38 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa34ece4d900a61065440eb28769c198e530ebac5bf
```
GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 11, SCALAR: 5)
Operations:
- Query: Query | fields: sdpReportStatistics, sdpReports
- Mutation: Mutation | fields: addAppUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0
```
  Found on 2026-01-02 01:09
  
  24.7 kBytes
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: app.pickaband.com
Port: 443
URL: https://app.pickaband.com

First seen 2024-12-06 17:29
Last seen 2026-01-02 00:50
Open for 391 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c575112a7575112a7e0aa0ed88206ba54163fe0635706d688

Found 102 files trough .DS_Store spidering:

/audio
/system
/uploads
/uploads/tmp
/uploads/tmp/1544094159-1924-0001-7560
/uploads/tmp/1544095130-2081-0001-1657
/uploads/tmp/1544095211-2081-0002-5743
/uploads/tmp/1544095699-2513-0001-6121
/uploads/tmp/1544095876-2595-0001-5167
/uploads/tmp/1544095899-2595-0002-7767
/uploads/tmp/1544098003-2595-0003-3003
/uploads/tmp/1544098154-2924-0001-1886
/uploads/tmp/1544098208-2924-0002-3694
/uploads/tmp/1550243553-4424-0001-2379
/uploads/tmp/1559652344-5815-0001-2673
/uploads/tmp/1559653441-5815-0002-2030
/uploads/tmp/1559653442-5815-0003-6577
/uploads/tmp/1559653466-5815-0004-3285
/uploads/tmp/1559653568-5815-0005-8162
/uploads/tmp/1559653611-5815-0006-6806
/uploads/tmp/1559653648-5815-0007-1697
/uploads/tmp/1568037011-3840-0019-7015
/uploads/tmp/1568041202-6481-0001-3726
/uploads/tmp/1568816168-4656-0001-8480
/uploads/tmp/1568816203-4656-0002-7401
/uploads/tmp/1568991762-6896-0003-6748
/uploads/tmp/1569245641-7210-0001-2661
/uploads/tmp/1570480229-6008-0001-0573
/uploads/tmp/1570480268-6008-0002-2284
/uploads/tmp/1570480342-6008-0003-4516
/uploads/tmp/1570480737-6008-0005-6454
/uploads/tmp/1570481114-6279-0001-0328
/uploads/tmp/1570714852-48464-0003-3138
/uploads/tmp/1570802023-4639-0001-2104
/uploads/tmp/1570802063-4639-0002-3763
/uploads/tmp/1570802079-4639-0003-7794
/uploads/tmp/1570802169-4639-0004-8330
/uploads/tmp/1570802330-4639-0006-8044
/uploads/tmp/1570802626-4639-0010-6137
/uploads/tmp/1570802776-4639-0011-5421
/uploads/tmp/1570805817-4639-0013-6022
/uploads/tmp/1570807868-4639-0019-1714
/uploads/tmp/1571056747-4726-0002-5755
/uploads/tmp/1572341961-1198-0001-4703
/uploads/tmp/1572346364-1198-0004-3301
/uploads/tmp/1572346797-28853-0001-9522
/uploads/tmp/1572346997-28853-0002-9585
/uploads/tmp/1572347045-28853-0003-2116
/uploads/tmp/1572347162-28853-0004-0399
/uploads/tmp/1572451125-37829-0001-5287
/uploads/tmp/1572451237-37829-0002-9395
/uploads/tmp/1572451246-37829-0003-2204
/uploads/tmp/1572451307-37829-0004-9998
/uploads/tmp/1579182373-4609-0003-3076
/uploads/tmp/1579182686-4609-0004-1609
/uploads/tmp/1579531794-1696-0001-1978
/uploads/tmp/1579531830-1696-0002-6703
/uploads/tmp/1579531880-1696-0003-6321
/uploads/tmp/1580904491-4546-0001-7617
/uploads/tmp/1580904516-4546-0002-6551
/uploads/tmp/1580905915-4546-0004-0692
/uploads/tmp/1580906269-4546-0005-8079
/uploads/tmp/1580906291-4546-0006-8039
/uploads/tmp/1580909449-4546-0007-0974
/uploads/tmp/1580909526-4546-0008-9499
/uploads/tmp/1580913633-4546-0010-6962
/uploads/tmp/1580913677-4546-0011-6222
/uploads/tmp/1580913698-4546-0012-7822
/uploads/tmp/1580913903-4546-0013-7837
/uploads/tmp/1580915687-4546-0014-1127
/uploads/tmp/1580917856-16576-0003-8184
/uploads/tmp/1580917875-16576-0004-0174
/uploads/tmp/1580917896-16576-0005-8950
/uploads/tmp/1580918111-16576-0006-6036
/uploads/tmp/1580918120-16576-0007-2309
/uploads/tmp/1580918724-16576-0010-2426
/uploads/tmp/1580984002-1794-0006-3620
/uploads/tmp/1583498690-66750-0001-8281
/uploads/tmp/1583498890-66750-0002-9703
/uploads/tmp/1583499334-66750-0003-0904
/uploads/tmp/1583499358-66749-0001-2926
/uploads/tmp/1583499607-66749-0002-9300
/uploads/tmp/1583499662-66749-0003-1153
/uploads/tmp/1583499910-66750-0004-2505
/uploads/tmp/1583500017-66749-0004-9129
/uploads/tmp/1583500058-66749-0005-3226
/uploads/tmp/1583501562-67642-0001-9464
/uploads/tmp/1583502227-67642-0002-0719
/uploads/tmp/1583502306-67643-0002-8722
/uploads/tmp/1583502336-67643-0003-7714
/uploads/tmp/1583502380-67642-0003-0961
/uploads/tmp/1601455728-1590-0002-3825
/uploads/tmp/1699456637-16203-0001-7280
/uploads/tmp/1699457674-19245-0001-1407
/uploads/tmp/1699612836-5352-0001-3817
/uploads/tmp/1699617067-7867-0001-6891
/uploads/tmp/1700056225-9452-0001-5145
/uploads/tmp/1700056305-9451-0001-5755
/uploads/tmp/1700056324-9451-0002-8754
/uploads/tmp/1700056564-10332-0001-7796
/uploads/tmp/1721220728-530766577892206-0001-1305
/uploads/tmp/1721222033-574015857537163-0002-1057

Found on 2026-01-02 00:50

Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc751fe8e7ef4484457c48e2125c55cf5b
```
Found 4 files trough .DS_Store spidering:

/audio
/system
/uploads
/uploads/tmp
```
Found on 2025-10-04 00:04
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f09968c30735b432cd3bab40bd3bab40b
```
Found 3 files trough .DS_Store spidering:

/audio
/system
/uploads
```
Found on 2025-08-04 01:08

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: landskronastad.cpms46.se
Port: 443
URL: https://landskronastad.cpms46.se

First seen 2025-12-03 10:26
Last seen 2026-01-02 00:50
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 00:50
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfstenvik.cpms46.se
Port: 443
URL: https://brfstenvik.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 00:50
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 00:50
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: apollo.weweb.app
Port: 80
URL: http://apollo.weweb.app

First seen 2025-11-10 01:01
Last seen 2026-01-01 23:51
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa30d8e9b11d43964d3d38109894c28d2dca98c0290
```
GraphQL introspection enabled at /graphql
Types: 78 (by kind: ENUM: 3, OBJECT: 68, SCALAR: 7)
Operations:
- Query: Query | fields: _empty, getCollection, getCollectionAccess, getPublicCollections, getUserCollections
- Mutation: Mutation | fields: _empty, createCollection, createFrontVersion, createManagerVersion, updateCollection
Directives: cacheControl, deprecated, include, skip (total: 4)
```
  Found on 2026-01-01 23:51
  
  160.8 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: elsystemiperstorp.cpms46.se
Port: 443
URL: https://elsystemiperstorp.cpms46.se

First seen 2025-11-11 06:59
Last seen 2026-01-01 23:50
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 23:50
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev-api.far.app
Port: 80
URL: http://dev-api.far.app

First seen 2025-11-08 00:02
Last seen 2026-01-01 22:17
Open for 54 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ad27e0e75b9b61d570c6c051a2fc51b0453bc911

GraphQL introspection enabled at /graphql
Types: 398 (by kind: ENUM: 3, INPUT_OBJECT: 119, INTERFACE: 1, OBJECT: 269, SCALAR: 6)
Operations:
- Query: Query | fields: activePlayer, activePlayers, node, teamLeagueSearchDto, teamLeagueSearchDtos
- Mutation: Mutation | fields: createTeamLeagueSearchDto, deleteActivePlayer, deleteTeamLeagueSearchDto, updateActivePlayer, updateTeamLeagueSearchDto
- Subscription: Subscription | fields: updateEventNotificationSubscribe, updateGameSubscribe
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-01 22:17

517.3 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: hr.tccs.org.uk
Port: 443
URL: https://hr.tccs.org.uk

First seen 2025-10-29 00:29
Last seen 2026-01-01 21:19
Open for 64 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0ff409caf1d7ce3958a8756b5ea8756b5e
```
Found 3 files trough .DS_Store spidering:

/assets
/assets/images
/assets/js
```
  Found on 2026-01-01 21:19
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.ridebly.com
Port: 443
URL: https://api.ridebly.com

First seen 2025-10-30 00:51
Last seen 2026-01-01 21:11
Open for 63 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3cd8f79f403cffaf8a071897e00d46482445d345e

GraphQL introspection enabled at /graphql
Types: 218 (by kind: ENUM: 43, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-01 21:11

303.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa320948d480517a6ec586abb626b937b96de6f9272

GraphQL introspection enabled at /graphql
Types: 216 (by kind: ENUM: 41, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-13 09:02

298.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3f4ac0dbf558fa50d5efa3927bdb73421b29127fd

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 24, INPUT_OBJECT: 27, OBJECT: 51, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookings, business, businesses, client
- Mutation: Mutation | fields: addBooking, addBookingSimple, addBusiness, addClient, addError
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 16:31

152.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: brfnackasaltsjoterrassen.cpms46.se
Port: 443
URL: https://brfnackasaltsjoterrassen.cpms46.se

First seen 2025-11-11 06:56
Last seen 2026-01-01 21:05
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 21:05
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: tickets.novaspektrum.no
Port: 443
URL: https://tickets.novaspektrum.no

First seen 2025-11-26 01:11
Last seen 2026-01-01 19:46
Open for 36 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-01 19:46

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 09:25

511.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: amfparkering.park46.se
Port: 443
URL: https://amfparkering.park46.se

First seen 2025-12-04 00:54
Last seen 2025-12-30 12:24
Open for 26 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-30 12:24
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: revest.it
Port: 80
URL: http://revest.it

First seen 2025-11-16 00:14
Last seen 2025-12-30 12:23
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 12:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:35

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-21 04:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-19 01:28

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57042e04a

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2503 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-14 07:03

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5363dbdb4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-13 04:47

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5cc47aba9

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db50a5cdc11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 01:39

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5920ed1a2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-29 01:49

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 14:56

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5259a2b84

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2482 totalPages=50 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-21 00:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b9eae3e1

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: tw-apac.smile-view.com
Port: 80
URL: http://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2025-12-30 12:08
Open for 45 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751df0d4437

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 12:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd7aa36d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-26 09:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775100e8e49d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 06:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c975b96b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 23:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751769cc821

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:13

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513a16f09f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 20:39

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514bd3529b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 16:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d51f0ab

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 06:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 05:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c20d5379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e4e6461d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c839ea73

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e11f074f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751cc04f973

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 01:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160a9fe13

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751521935af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 12:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751924c9ab5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-24 10:53

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775185ab36d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 00:10

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-21 06:09

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b02bfe7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:01

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e24220b135

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e237ff3275

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e253367f3b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25394fc79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.api.hubbo.io
Port: 443
URL: https://www.api.hubbo.io

First seen 2025-11-29 23:52
Last seen 2025-12-30 11:03
Open for 30 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e4a875b1d0c530b3d560e81017d2632ef0101968

GraphQL introspection enabled at /graphql
Types: 70 (by kind: ENUM: 7, INPUT_OBJECT: 9, OBJECT: 47, SCALAR: 7)
Operations:
- Query: Query | fields: client_getCurrentAccount, getAllAccounts, getCurrentAccount, getCurrentAccountPermissions, signin
- Mutation: Mutation | fields: createAccount, removeAccount, resetPassword, signup, updateAccount
- Subscription: Subscription | fields: accountCreated, accountDeleted, accountUpdated, client_accountCreated, client_accountUpdated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-30 11:03

93.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.ridebly.com
Port: 80
URL: http://api.ridebly.com

First seen 2025-10-30 00:51
Last seen 2025-12-29 01:26
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3cd8f79f403cffaf8a071897e00d46482445d345e

GraphQL introspection enabled at /graphql
Types: 218 (by kind: ENUM: 43, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-29 01:26

303.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa320948d480517a6ec586abb626b937b96de6f9272

GraphQL introspection enabled at /graphql
Types: 216 (by kind: ENUM: 41, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-13 10:51

298.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3f4ac0dbf558fa50d5efa3927bdb73421b29127fd

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 24, INPUT_OBJECT: 27, OBJECT: 51, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookings, business, businesses, client
- Mutation: Mutation | fields: addBooking, addBookingSimple, addBusiness, addClient, addError
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 18:09

152.0 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api-mdd.erika-belicova.com
Port: 80
URL: http://api-mdd.erika-belicova.com

First seen 2025-12-09 01:38
Last seen 2025-12-26 12:29
Open for 17 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d6bbd62533d19fbb146d238df46eb3a2b5
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/posts
GET /api/posts/{id}
GET /api/topics
POST /api/auth/login
POST /api/auth/register
POST /api/posts/{id}/comments
POST /api/topics/{id}/subscriptions
```
  Found on 2025-12-26 12:29
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: boersekilchberg.ch
Port: 80
URL: http://boersekilchberg.ch

First seen 2022-10-05 11:50
Last seen 2025-12-26 06:17
Open for 1177 days

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7bd739e4310bfa9fd438b1a50176d90ea

Found 128 files trough .DS_Store spidering:

/.assets
/.assets/@webassemblyjs
/.assets/@xtuc
/.assets/abbrev
/.assets/accepts
/.assets/acorn
/.assets/ajv
/.assets/ajv-errors
/.assets/ajv-keywords
/.assets/ansi-colors
/.assets/ansi-html
/.assets/ansi-regex
/.assets/anymatch
/.assets/aproba
/.assets/are-we-there-yet
/.assets/arr-diff
/.assets/arr-flatten
/.assets/arr-union
/.assets/array-flatten
/.assets/array-union
/.assets/array-uniq
/.assets/array-unique
/.assets/asn1.js
/.assets/assert
/.assets/assign-symbols
/.assets/async
/.assets/async-each
/.assets/async-limiter
/.assets/atob
/.assets/balanced-match
/.assets/base
/.assets/base64-js
/.assets/batch
/.assets/big.js
/.assets/bin
/.assets/bluebird
/.assets/bn.js
/.assets/body-parser
/.assets/bonjour
/.assets/brace-expansion
/.assets/braces
/.assets/brorand
/.assets/browserify-aes
/.assets/browserify-cipher
/.assets/browserify-des
/.assets/browserify-rsa
/.assets/browserify-sign
/.assets/browserify-zlib
/.assets/buffer
/.assets/buffer-from
/.assets/buffer-indexof
/.assets/buffer-xor
/.assets/builtin-status-codes
/.assets/bytes
/.assets/cacache
/.assets/cache-base
/.assets/camelcase
/.assets/chokidar
/.assets/chownr
/.assets/chrome-trace-event
/.assets/cipher-base
/.assets/class-utils
/.assets/cliui
/.assets/code-point-at
/.assets/collection-visit
/.assets/commander
/.assets/commondir
/.assets/component-emitter
/.assets/components
/.assets/compressible
/.assets/compression
/.assets/concat-map
/.assets/concat-stream
/.assets/connect-history-api-fallback
/.assets/console-browserify
/.assets/console-control-strings
/.assets/constants-browserify
/.assets/content-disposition
/.assets/content-type
/.assets/cookie
/.assets/cookie-signature
/.assets/copy-concurrently
/.assets/copy-descriptor
/.assets/core-util-is
/.assets/create-ecdh
/.assets/create-hash
/.assets/create-hmac
/.assets/cross-spawn
/.assets/crypto-browserify
/.assets/cyclist
/.assets/date-now
/.assets/debug
/.assets/decamelize
/.assets/decode-uri-component
/.assets/deep-equal
/.assets/deep-extend
/.assets/default-gateway
/.assets/define-property
/.assets/del
/.assets/delegates
/.assets/depd
/.assets/des.js
/.assets/destroy
/.assets/detect-libc
/.assets/detect-node
/.assets/diffie-hellman
/.assets/dns-equal
/.assets/dns-packet
/.assets/dns-txt
/.assets/domain-browser
/.assets/duplexify
/.assets/ee-first
/.assets/elliptic
/.assets/emojis-list
/.assets/encodeurl
/.assets/end-of-stream
/.assets/enhanced-resolve
/.assets/errno
/.assets/escape-html
/.assets/eslint-scope
/.assets/esrecurse
/.assets/estraverse
/.assets/etag
/.assets/eventemitter3
/.assets/events
/.assets/eventsource
/.assets/evp_bytestokey
/.assets/execa

Found on 2025-12-26 06:17

Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f175e2dbb5f0c996dfa4568b2fa4568b2
```
Found 3 files trough .DS_Store spidering:

/.assets
/assets
/documents
```
Found on 2022-10-05 11:50

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.boersekilchberg.ch
Port: 80
URL: http://www.boersekilchberg.ch

First seen 2022-10-07 11:49
Last seen 2025-12-26 06:10
Open for 1175 days

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7bd739e4310bfa9fd438b1a50176d90ea

Found 128 files trough .DS_Store spidering:

/.assets
/.assets/@webassemblyjs
/.assets/@xtuc
/.assets/abbrev
/.assets/accepts
/.assets/acorn
/.assets/ajv
/.assets/ajv-errors
/.assets/ajv-keywords
/.assets/ansi-colors
/.assets/ansi-html
/.assets/ansi-regex
/.assets/anymatch
/.assets/aproba
/.assets/are-we-there-yet
/.assets/arr-diff
/.assets/arr-flatten
/.assets/arr-union
/.assets/array-flatten
/.assets/array-union
/.assets/array-uniq
/.assets/array-unique
/.assets/asn1.js
/.assets/assert
/.assets/assign-symbols
/.assets/async
/.assets/async-each
/.assets/async-limiter
/.assets/atob
/.assets/balanced-match
/.assets/base
/.assets/base64-js
/.assets/batch
/.assets/big.js
/.assets/bin
/.assets/bluebird
/.assets/bn.js
/.assets/body-parser
/.assets/bonjour
/.assets/brace-expansion
/.assets/braces
/.assets/brorand
/.assets/browserify-aes
/.assets/browserify-cipher
/.assets/browserify-des
/.assets/browserify-rsa
/.assets/browserify-sign
/.assets/browserify-zlib
/.assets/buffer
/.assets/buffer-from
/.assets/buffer-indexof
/.assets/buffer-xor
/.assets/builtin-status-codes
/.assets/bytes
/.assets/cacache
/.assets/cache-base
/.assets/camelcase
/.assets/chokidar
/.assets/chownr
/.assets/chrome-trace-event
/.assets/cipher-base
/.assets/class-utils
/.assets/cliui
/.assets/code-point-at
/.assets/collection-visit
/.assets/commander
/.assets/commondir
/.assets/component-emitter
/.assets/components
/.assets/compressible
/.assets/compression
/.assets/concat-map
/.assets/concat-stream
/.assets/connect-history-api-fallback
/.assets/console-browserify
/.assets/console-control-strings
/.assets/constants-browserify
/.assets/content-disposition
/.assets/content-type
/.assets/cookie
/.assets/cookie-signature
/.assets/copy-concurrently
/.assets/copy-descriptor
/.assets/core-util-is
/.assets/create-ecdh
/.assets/create-hash
/.assets/create-hmac
/.assets/cross-spawn
/.assets/crypto-browserify
/.assets/cyclist
/.assets/date-now
/.assets/debug
/.assets/decamelize
/.assets/decode-uri-component
/.assets/deep-equal
/.assets/deep-extend
/.assets/default-gateway
/.assets/define-property
/.assets/del
/.assets/delegates
/.assets/depd
/.assets/des.js
/.assets/destroy
/.assets/detect-libc
/.assets/detect-node
/.assets/diffie-hellman
/.assets/dns-equal
/.assets/dns-packet
/.assets/dns-txt
/.assets/domain-browser
/.assets/duplexify
/.assets/ee-first
/.assets/elliptic
/.assets/emojis-list
/.assets/encodeurl
/.assets/end-of-stream
/.assets/enhanced-resolve
/.assets/errno
/.assets/escape-html
/.assets/eslint-scope
/.assets/esrecurse
/.assets/estraverse
/.assets/etag
/.assets/eventemitter3
/.assets/events
/.assets/eventsource
/.assets/evp_bytestokey
/.assets/execa

Found on 2025-12-26 06:10

Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f175e2dbb5f0c996dfa4568b2fa4568b2
```
Found 3 files trough .DS_Store spidering:

/.assets
/assets
/documents
```
Found on 2022-10-07 11:49

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.sssss.co.in
Port: 443
URL: https://www.sssss.co.in

First seen 2025-07-01 00:37
Last seen 2025-12-23 06:38
Open for 175 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9debeb6aa3ebeb6aa3ebeb6aa3ebeb6aa3
```
Found 1 files trough .DS_Store spidering:

/favicon_io
```
  Found on 2025-12-23 06:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.estate.erika-belicova.site
Port: 443
URL: https://api.estate.erika-belicova.site

First seen 2025-11-07 01:46
Last seen 2025-12-22 20:42
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d69b053bdfc4e9521049e135493191b7af
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/rentals
GET /api/rentals/{id}
GET /api/user/{id}
POST /api/auth/login
POST /api/auth/register
POST /api/messages
```
  Found on 2025-12-22 20:42
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: stats.api.fanomena.io
Port: 443
URL: https://stats.api.fanomena.io

First seen 2025-11-10 00:52
Last seen 2025-12-22 18:45
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36402dc35ec3932b717eb30b1806144544f67e458
```
GraphQL introspection enabled at /graphql
Types: 51 (by kind: ENUM: 6, INPUT_OBJECT: 3, OBJECT: 22, SCALAR: 20)
Operations:
- Query: Query | fields: events, eventsCount, eventsGroup, sessions, status
- Mutation: Mutation | fields: _empty, createEvent, createSession, generateKey, updateSession
Directives: cacheControl, deprecated, include, skip (total: 4)
```
  Found on 2025-12-22 18:45
  
  55.4 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-26 22:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.rknp.be
Port: 80
URL: http://api.rknp.be

First seen 2025-10-16 01:19
Last seen 2025-12-16 10:00
Open for 61 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bf95f2dbc8f5bc4cb9593ccf37d5800b358237ce3
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /v1.0/agents
GET /v1.0/agents/{id}
GET /v1.0/insuranceCompanies
GET /v1.0/insuranceCompanies/{id}
GET /v1.0/policies
GET /v1.0/policies/{id}
GET /v1.0/policiesToPay
GET /v1.0/policyTypes
GET /v1.0/policyTypes/{id}
GET /v1.0/users/me
POST /v1.0/authenticate
POST /v1.0/confirmToken
```
  Found on 2025-12-16 10:00
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: platform-api.vitaos.eu
Port: 80
URL: http://platform-api.vitaos.eu

First seen 2025-12-12 15:41
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549cb147c2d5f91fece34c8847c0314cc63162e3155
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/platform/onboarding
GET /api/platform/onboarding/{appId}
GET /api/platform/profile
GET /api/platform/schedule/{appId}
POST /api/platform/onboarding/complete
POST /api/platform/onboarding/{appId}/complete
POST /api/waitlist
PUT /api/platform/onboarding/ai-consent
PUT /api/platform/onboarding/{appId}/step
```
  Found on 2025-12-12 15:41
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: hin-weg.braufabrik.de
Port: 80
URL: http://hin-weg.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: kobier.braufabrik.de
Port: 443
URL: https://kobier.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: lebenslangesfreibier.braufabrik.de
Port: 443
URL: https://lebenslangesfreibier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: landgasthof-gruener-kranz.braufabrik.de
Port: 443
URL: https://landgasthof-gruener-kranz.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: fastnacht-bier.braufabrik.de
Port: 443
URL: https://fastnacht-bier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: rischguddi.braufabrik.de
Port: 443
URL: https://rischguddi.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: pulverwald-pils.braufabrik.de
Port: 443
URL: https://pulverwald-pils.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: detmoldzulippe.braufabrik.de
Port: 80
URL: http://detmoldzulippe.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: camp-canis.braufabrik.de
Port: 80
URL: http://camp-canis.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: saicos.braufabrik.de
Port: 443
URL: https://saicos.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: bier-geschenke.braufabrik.de
Port: 80
URL: http://bier-geschenke.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: koppai.braufabrik.de
Port: 80
URL: http://koppai.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: koppai.braufabrik.de
Port: 443
URL: https://koppai.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: dashellersdorfer.braufabrik.de
Port: 443
URL: https://dashellersdorfer.braufabrik.de

First seen 2025-12-11 20:06
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:06
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: prod.roomview.io
Port: 443
URL: https://prod.roomview.io

First seen 2025-10-17 00:31
Last seen 2025-12-10 12:48
Open for 54 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3f9566a1a4078838a5bddd5137cac351f5e986993
```
GraphQL introspection enabled at /graphql
Types: 35 (by kind: ENUM: 2, INPUT_OBJECT: 9, OBJECT: 19, SCALAR: 5)
Operations:
- Query: Query | fields: debug, me, propertyGet, user, version
- Mutation: Mutation | fields: accept, invite, leaveAgency, reject, removeMember
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-12-10 12:48
  
  54.8 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: manage.livealert.co.za
Port: 443
URL: https://manage.livealert.co.za

First seen 2025-10-30 08:55
Last seen 2025-12-01 11:51
Open for 32 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e975a091b72746f63ea0d5503bcb47938b
```
Found 5 files trough .DS_Store spidering:

/assets
/assets/icons
/assets/images
/assets/images/onboarding
/assets/images/polygons
```
  Found on 2025-12-01 11:51
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2025-10-30 08:55
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: dev-selectapi.orientalweavers.com
Port: 443
URL: https://dev-selectapi.orientalweavers.com

First seen 2025-10-22 15:27
Last seen 2025-12-01 10:17
Open for 39 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39c2ed9c86f2d406c21cf596041104d470aa66e7b

GraphQL introspection enabled at /graphql
Types: 123 (by kind: ENUM: 6, INPUT_OBJECT: 13, INTERFACE: 1, OBJECT: 97, SCALAR: 6)
Operations:
- Query: Query | fields: allPatches, allSampleCodes, allSkuCodes, allSkus, ordersByUser
- Mutation: Mutation | fields: createOrder, createPresignedUrls, deletePresignedUrls, updateSku, uploadSku
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-01 10:17

166.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a87eb3f45735b8f8d63e0914a4a8c7334b671aff

GraphQL introspection enabled at /graphql
Types: 122 (by kind: ENUM: 6, INPUT_OBJECT: 13, INTERFACE: 1, OBJECT: 96, SCALAR: 6)
Operations:
- Query: Query | fields: allPatches, allSampleCodes, allSkuCodes, allSkus, ordersByUser
- Mutation: Mutation | fields: createOrder, createPresignedUrls, deletePresignedUrls, updateSku, uploadSku
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-22 15:27

163.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: do.envisioning.io
Port: 443
URL: https://do.envisioning.io

First seen 2025-11-11 03:17
Last seen 2025-11-30 17:10
Open for 19 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3716c38207f2f4024420c2aaa6eec64b126ed13d1
```
GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 19, INPUT_OBJECT: 17, INTERFACE: 4, OBJECT: 34, SCALAR: 6)
Operations:
- Query: Query | fields: board, boards, collection, collections, projects
- Mutation: Mutation | fields: createMetric, createSurvey, createUser, updateMetric, updateSurvey
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-30 17:10
  
  127.4 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.slow-mo.net
Port: 443
URL: https://www.slow-mo.net

First seen 2025-07-25 10:20
Last seen 2025-11-30 13:40
Open for 128 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d956ff55a956ff55a956ff55a956ff55a
```
Found 1 files trough .DS_Store spidering:

/icons
```
  Found on 2025-11-30 13:40
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: auth-api.clearexpress.com
Port: 443
URL: https://auth-api.clearexpress.com

First seen 2025-10-14 18:36
Last seen 2025-11-29 19:01
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec9da4adef8bac5c2831ffcb32cb6ee15dcb6ee15d
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /dev-api/test/user/list
GET /dev-api/test/user/{userId}
POST /dev-api/test/user/save
PUT /dev-api/test/user/update
```
  Found on 2025-11-29 19:01
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: polizeiticker.ch
Port: 443
URL: https://polizeiticker.ch

First seen 2025-11-09 00:31
Last seen 2025-11-28 20:13
Open for 19 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-28 20:13
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.polizeiticker.at
Port: 80
URL: http://www.polizeiticker.at

First seen 2025-11-16 02:45
Last seen 2025-11-26 05:15
Open for 10 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-26 05:15
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: devbackend.alfredsurgery.com
Port: 443
URL: https://devbackend.alfredsurgery.com

First seen 2025-11-19 02:02
Last seen 2025-11-23 07:37
Open for 4 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa376ae74d3c8f947914616b8b7428e451c344717bb

GraphQL introspection enabled at /graphql
Types: 162 (by kind: ENUM: 2, INPUT_OBJECT: 53, OBJECT: 104, SCALAR: 3)
Operations:
- Query: Query | fields: getAllEquipment, getEquipment, getEquipmentByName, getNodeEquipment, getProcedureComments
- Mutation: Mutation | fields: addEquipment, addNodeEquipment, addProcedureComment, deleteEquipment, deleteNodeEquipment
- Subscription: Subscription | fields: newProcedureNode
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-23 07:37

169.2 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: auth-api.clearexpress.fr
Port: 80
URL: http://auth-api.clearexpress.fr

First seen 2025-11-23 03:41
Last seen 2025-11-23 03:41
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec9da4adef8bac5c2831ffcb32cb6ee15dcb6ee15d
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /dev-api/test/user/list
GET /dev-api/test/user/{userId}
POST /dev-api/test/user/save
PUT /dev-api/test/user/update
```
  Found on 2025-11-23 03:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.theta-sound.com
Port: 80
URL: http://www.theta-sound.com

First seen 2025-11-16 02:44
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-16 02:44
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.been-journal.co
Port: 80
URL: http://api.been-journal.co

First seen 2025-11-16 00:54

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7251d45947bff0b67d5e114dd54339c71185a3689

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /user/{user_id}/delete
GET /auth/google-auth-status
GET /auth/logout
GET /countries/
GET /media/picker/items
GET /media/picker/session
GET /places/country
GET /places/find
GET /places/search
GET /tags/
GET /trips/
GET /trips/{trip_id}
GET /user/
GET /user/filters
GET /user/list
GET /user/mates
GET /user/{user_id}
GET /user/{user_id}/filters
GET /user/{user_id}/trips
GET /wishlist/
GET /wishlist/filters
POST /auth/login
POST /auth/refresh-token
POST /auth/set-google-token
POST /directions/
POST /media/avatar
POST /media/clean
POST /media/confirm-upload
POST /media/extract-location
POST /media/get-upload-url
POST /media/image
POST /media/picker/image
POST /places/details
POST /trips/{trip_id}/accept
POST /trips/{trip_id}/reject
POST /user/link-mate
POST /user/{user_id}/activate
POST /wishlist/check
PUT /wishlist/{item_id}

Found on 2025-11-16 00:54

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: www.londonsyncmusic.com
Port: 443
URL: https://www.londonsyncmusic.com

First seen 2025-11-15 02:50
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-15 02:50
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: instant-quote.orderfox.com
Port: 443
URL: https://instant-quote.orderfox.com

First seen 2025-10-26 00:56
Last seen 2025-11-14 07:58
Open for 19 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-11-14 07:58
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: trace-core.bettersourcing.net
Port: 80
URL: http://trace-core.bettersourcing.net

First seen 2025-10-24 00:32
Last seen 2025-11-12 16:07
Open for 19 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3832d39a27918fbf21c98f23f721f49da62cbeb6c

GraphQL introspection enabled at /graphql
Types: 74 (by kind: ENUM: 8, INPUT_OBJECT: 22, OBJECT: 37, SCALAR: 7)
Operations:
- Query: Query | fields: getAllRegions, getBusinessLocationById, getBusinessLocations, getRegionById, getSupplyChainBusinessLocations
- Mutation: Mutation | fields: createBusinessLocation, createRegion, deleteRegion, updateBusinessLocation, updateRegion
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-12 16:07

122.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fae7550a6463f6ba4d7251d7c1ff99025e9003b4

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 8, INPUT_OBJECT: 21, OBJECT: 37, SCALAR: 7)
Operations:
- Query: Query | fields: getAllRegions, getBusinessLocationById, getBusinessLocations, getRegionById, getSupplyChainBusinessLocations
- Mutation: Mutation | fields: createBusinessLocation, createRegion, deleteRegion, updateBusinessLocation, updateRegion
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-28 13:24

121.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: trace-core.bettersourcing.net
Port: 443
URL: https://trace-core.bettersourcing.net

First seen 2025-10-24 00:32
Last seen 2025-11-12 10:21
Open for 19 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3832d39a27918fbf21c98f23f721f49da62cbeb6c

GraphQL introspection enabled at /graphql
Types: 74 (by kind: ENUM: 8, INPUT_OBJECT: 22, OBJECT: 37, SCALAR: 7)
Operations:
- Query: Query | fields: getAllRegions, getBusinessLocationById, getBusinessLocations, getRegionById, getSupplyChainBusinessLocations
- Mutation: Mutation | fields: createBusinessLocation, createRegion, deleteRegion, updateBusinessLocation, updateRegion
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-12 10:21

122.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fae7550a6463f6ba4d7251d7c1ff99025e9003b4

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 8, INPUT_OBJECT: 21, OBJECT: 37, SCALAR: 7)
Operations:
- Query: Query | fields: getAllRegions, getBusinessLocationById, getBusinessLocations, getRegionById, getSupplyChainBusinessLocations
- Mutation: Mutation | fields: createBusinessLocation, createRegion, deleteRegion, updateBusinessLocation, updateRegion
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-27 08:39

121.3 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: app-mobile-api-pr-145.mydualsun.com
Port: 80
URL: http://app-mobile-api-pr-145.mydualsun.com

First seen 2025-11-05 13:40
Last seen 2025-11-12 04:53
Open for 6 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa37267f4a5c78c05a75fb361d44b7fa474bc33aace
```
GraphQL introspection enabled at /graphql
Types: 606 (by kind: ENUM: 20, INPUT_OBJECT: 488, OBJECT: 91, SCALAR: 7)
Operations:
- Query: Query | fields: aggregateBallons, findFirstBallons, findFirstBallonsOrThrow, isEmailAvailable, profile
- Mutation: Mutation | fields: login, refreshToken, sendPasswordResetEmail, signOut, signUp
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-11-12 04:53
  
  1.3 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: app-mobile-api-pr-145.mydualsun.com
Port: 443
URL: https://app-mobile-api-pr-145.mydualsun.com

First seen 2025-11-05 13:40
Last seen 2025-11-12 04:53
Open for 6 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa37267f4a5c78c05a75fb361d44b7fa474bc33aace
```
GraphQL introspection enabled at /graphql
Types: 606 (by kind: ENUM: 20, INPUT_OBJECT: 488, OBJECT: 91, SCALAR: 7)
Operations:
- Query: Query | fields: aggregateBallons, findFirstBallons, findFirstBallonsOrThrow, isEmailAvailable, profile
- Mutation: Mutation | fields: login, refreshToken, sendPasswordResetEmail, signOut, signUp
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-11-12 04:53
  
  1.3 MBytes
Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 75.2.43.161
Domain: playground.herb-tools.dev
Port: 80
URL: http://playground.herb-tools.dev

First seen 2025-05-11 01:14
Last seen 2025-11-09 00:10
Open for 181 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32bdccca4d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=17966
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762646975990-0.9493229795780282:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-09 00:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e0b7cf1f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52945
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761984124601-0.4418163024777919:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-01 08:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3274c053e4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=40589
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761113791381-0.4590880096956911:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-22 06:35

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f328068be9a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=50488
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760761485727-0.43376254678566517:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-18 05:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f325d8d2d6c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=37287
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757899714400-0.7326981271024859:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-15 02:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f4048c97

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10541
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757531965536-0.6396828785082138:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-10 21:55

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3298542bdb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47250
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757380073188-0.675452065947028:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-09 01:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f322875966e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=53700
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756365424807-0.9211713029946824:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-28 07:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f329d282003

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4314
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756012834912-0.9394389677333865:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-24 05:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f321fb6d8cc

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=21984
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1755320883588-0.6053046250294682:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-16 05:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3208a2f73b

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=13362
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754813697369-0.4995278510991388:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-11 06:19

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324f9dfa47

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=26964
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754664058281-0.03104212285460406:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-09 07:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3248d50f39

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=53814
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754529291600-0.7525002232710525:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-07 04:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32ec08c7ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52240
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754265677137-0.6917057074995938:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-04 16:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3231ee543f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32025
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754178382038-0.4658450726709422:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-03 04:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f326d59e880

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=28185
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1754090150289-0.0577597769315803:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-02 01:52

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320eac0032

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4288
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1753914974768-0.6540890568898936:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-31 04:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32a1b76741

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=16566
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1753740634780-0.2550699974763573:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-29 04:36

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32aa735d40

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=25013
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1753565429438-0.8354717305422892:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-26 21:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32cacf7db2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=51714
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1753212053033-0.34750193416644337:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-23 02:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32549df677

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=22698
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1752892690815-0.7271145275683781:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-20 03:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32311733b4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=45894
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1752624141345-0.9896726379832324:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-16 07:36

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e96be7fb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=29629
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1752447665645-0.8571530428189944:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-14 06:30

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f327cd83d63

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=53185
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1752271327300-0.8200500984777508:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-12 07:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32c2d25be5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=5149
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1752094002033-0.43264047717120513:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-10 08:51

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f328557b75f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=6584
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751758914937-0.7885943937150135:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-06 17:27

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32beefe917

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47065
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751583821151-0.7108472876575533:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-04 11:41

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320b38d9ec

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=21248
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751409137666-0.3100288685395163:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-02 07:41

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f327eedbb4a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=20662
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751232485222-0.794604414691569:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-30 07:51

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f329fda0b01

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=57336
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750880779299-0.5028223843687956:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-26 04:58

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d5b9d254

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=22804
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750703017961-0.016424100377768536:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-24 03:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3203a7e622

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=58629
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750527671613-0.556973213591103:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-22 01:07

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3292b2ae0a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=26884
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750351930724-0.9846237639757578:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-20 00:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32a72ba4ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32912
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750049529225-0.14310143415260024:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-16 11:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32acc9be67

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=44461
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749697278375-0.8682073729675419:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-12 20:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320f1d3c38

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=30370
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749520089745-0.20015026062714458:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-10 19:01

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32ececf236

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=27251
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749344685556-0.26341538004616893:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-08 18:51

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324a75a10d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=8585
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748993972296-0.8284922067309226:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-04 21:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3299a424e4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42889
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748905595305-0.6479918862300367:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-03 06:00

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32b4f0a410

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=45300
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748817431030-0.8859293944818369:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-02 04:44

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324949c47a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4685
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748552944615-0.9399623803540622:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-30 14:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3215fd2c3e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42858
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748378393008-0.5172547923060653:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-28 09:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f329df34877

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=40548
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748201965281-0.9058471789573592:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-26 10:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32fc42ed16

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=38663
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748026788011-0.956471402828583:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-24 07:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d6a7b2d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10070
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747850897904-0.6479687899093982:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-22 07:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320283cd23

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=14630
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747674550231-0.3341354391322575:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-20 09:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d59d1fe1

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=58074
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747500008230-0.08779318759249066:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-18 10:44

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f18f6821

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=34707
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747322270160-0.6522856430421207:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-16 14:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e66b019d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=54477
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747060071423-0.8300618024340567:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-13 01:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32290abc25

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=5020
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1746883323811-0.9689532224850292:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-11 01:14

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 75.2.43.161
Domain: streamerxsolla.megamod.io
Port: 80
URL: http://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-11-05 14:12
Open for 233 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522529e553a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/AdminPanel
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1FQVFdwZ1dTd0JOc2k3TWNWdG5uRTAwakVaMUZSTjFQV3FYNQ==
[branch "xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/xsolla/v17alya/releases

Found on 2025-11-05 14:12

465 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220c7c4fde

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/AdminPanel
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3BLeklTaWFQOHdqSGJvaWJzaFB6RUxZYXNvTzlacDQ2WmttVQ==
[branch "xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/xsolla/v17alya/releases

Found on 2025-06-22 15:03

465 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 75.2.43.161
Domain: games-xsolla.megamod.io
Port: 443
URL: https://games-xsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-11-05 07:00
Open for 233 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b8c38636

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1JqZ3J6Mm1HTVlsSnFzSExqUUo3NjRhSTkzdGxOZjFBbkFuTQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-11-05 07:00

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227c81c38c

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzFNRThlVjdkOXZ3ZnJCc3VnSzR1dW95eVM4cjI4dDI1bXUwbA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-19 12:50

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652291dc8b21

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3ZCalpVZjlvaWNVVGd0ZGdkcjV4QmJzZE9JZWJJODBsRXNrVQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-15 04:20

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227e1ac3ed

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzNKUXlTcmVJY3JLWWhIMUFueER1MjE5d0JacG1zSDF6andPZw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-06 16:26

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b908d5a2

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzdaWXZ6YVU1cTBRNE52U1FwY3pKU2pMbzFnN1p5bTRYY3Qybg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-02 23:11

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522f5945a63

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3A2R3NrZDU0UkNTSzlyTlZFbzh6bFpvcW1acXRsZjNhZUh2Yg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-01 03:40

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e6867902

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2ZVVVNHVnpnbTZXTGZSb1p2dkRYSGpYdldOdGlmdTBVeDd5dw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-21 07:19

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522c4bece47

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2t5Q0RpbmRCUk9YbGJyTGJzUDdma09kSXJGd0lWQzN4VkpxMQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-17 06:46

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220ca3bffb

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3FoRkpFdkdCUzlQQnZRZk1ySENnZFpBT0U3OHM3aDFsVVNiUw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-08 22:31

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65226c06eff6

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2g0cUNBbjdXQ1Y2OFJxYko1WE45d1dLeUtjalR5NjRNVzVMag==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-06 14:30

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223862bf1d

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzE2MXgySjJ2eW1zaE80T1NsUTI5NTk0bmZEa2V6cjFJQk8wYw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-02 22:58

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65228bf27868

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzNrQzgzV2N0c3FGT21LTTFUUjNrcTh2NERhOUFsRjFqTjRBYw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-20 16:28

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b832573d

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0o3NmZMNkVkWFNZZFE4WWtZdEc4UFExc3FrbXN1QjBEWTFGcw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-16 12:29

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652290a15c36

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0dzYm5TV3dudTBCUlpsM2tCQnphYlY1cXFNN1pjRjJwNjhWQg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-14 15:42

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522ea71b178

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2hEZDVNMWdkN3lkMng5NFZOb0IwQWdBS2toTUk5YTAySUo1SA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-11 01:56

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522726ef7e1

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX04yYVZJTnpSaGZSRGNQeGZUcDBnNnJqUG1rdEVXQzFhVll0bA==
[branch "streamer_tower/xsolla/v17alya/Main_ORIGIN_COPY2"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/Main_ORIGIN_COPY2

Found on 2025-08-06 11:57

515 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65228972a9aa

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1d2eWN2U2NxWUVucG5uekpxQnFmQVNXZXN5VmJFNTEyY3U1SA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-07-28 15:43

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65226f363c07

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX29sY1Nva3ZsbWhYOHpVTDRjSkc4NmVOZU1qdjNLTDJRWGRMWg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-07-06 19:23

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223dcac506

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX29OTWYyaTBPYmFZRlJ3amw0WmxvNFgyZjdtNHJaTDFQUmdNcg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-06-30 18:43

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223075e754

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0VCTWdVWUphZ2FRaHVZUzRPbmVXeVNVWjVVWWJaNDRmYk8wQg==
[branch "streamer_tower/xsolla/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/releases

Found on 2025-06-22 09:59

481 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522fd4d5aa9

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzlnNEtWRW5HYkVJcEhsR3o1SVU4VTNCZTVZdWM4YTJuZHAzZw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-06-16 03:14

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652224379391

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0xVb0VNRFdlV2pJbDE2ZlVReFNVU1BoMmNOWmZhQjFZOHdDZA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-06-01 19:15

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652220cf48f6

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzFYSHo2VzBHaXd3OWs5NXBvVHlMTnI5ZUFtRWVIMzA2MG5pQw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-28 16:51

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652201b63139

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2tmc0o5Qm1oZHlWdzZCejZESlVGS2ZlMHBFeURVQTNrZ2tHQg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-26 20:08

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65221dc238de

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3R0aWtQMXhKbGtGblVNWGdpajhqWEJYYWpuT3B1SDI2dW00TA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-20 19:57

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227bb09693

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2x3a2NlQjVxU0F1OXA1SkNWM3VrN0lLcGM4eXhmUDNVSjdjRA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-16 02:55

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522c075a904

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3JxUlpPWDVUQkN2TlA5Z0xOZjE1SDNoQTVlU3dUbDBsYjhNbg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-12 23:25

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227b0ade5b

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2FCNDFIZFVVTGpNTE0zOEtSdE5vaW82SHl0dThUdTBaYm4zRA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-06 02:44

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522f8644168

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3VtM0gyOVZ2bVoySU5LRERld2ZuUlI2NFd0M21tNzQzeTFJMg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-04-22 09:39

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522edb0c090

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0YyeVI3dWhYckliR1ZORWZ0b2lERG95bG9sbGdIZzQ2NlFkQQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-04-14 06:46

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652284937ba2

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0ZUQnFjMmt3ZVh2QmJURkdNUURrSDJtTERaNlp6cjJ0Qll2YQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-22 20:35

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222eed8270

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3lyUm5PSjZqR28zZ0tib1hsVDZ4Q0c4bTRwdU1URDFDaHNWeA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-20 23:23

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222a47e586

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2Rva2FBM2ZGT1RWdGltbDRlN0NSb1JqRk1RSFU2YzJ6dEtZTA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-19 03:16

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522a45b8077

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1ZPc2xVcTV5ZncycEVYRUl4VllHVTBXbFg1RVdEVTEzaWJmeQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-17 02:57

497 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 75.2.43.161
Domain: game.zingrush.com
Port: 80
URL: http://game.zingrush.com

First seen 2025-08-27 00:41
Last seen 2025-11-04 20:41
Open for 69 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222494c57b

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/ZingRush
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX21kdG9mcWt4dlJvbjc1NGI2UW44eWtmdEpJMVpWRTNCVEdaVA==
[lfs]
	repositoryformatversion = 0
[branch "feature/orthocamera"]
	remote = origin
	merge = refs/heads/feature/orthocamera

Found on 2025-11-04 20:41

490 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652264e75c6a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/ZingRush
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1lma1U2SDdpQTA3cUw3czF2RzZkdG96ZlQ4V1BnNDJSYTgxUA==
[lfs]
	repositoryformatversion = 0
[branch "feature/crazygames"]
	remote = origin
	merge = refs/heads/feature/crazygames

Found on 2025-09-09 10:22

488 Bytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: test-configurator.kaqtu.ch
Port: 443
URL: https://test-configurator.kaqtu.ch

First seen 2025-10-29 00:19
Last seen 2025-10-29 08:10

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43246e02eff5268f5b073237ab4231a9e2cf1ebaeb

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /profile/snapshot/{proposal_snapshot_key}
GET /article-images
GET /article/colors
GET /article/{sku}
GET /color/color-group-lookup
GET /lookup
GET /lookuparticles
GET /paging/articles
GET /profile/snapshots
GET /snapshot/{access_code}
GET /start
POST /article/alternatives
POST /article/upsells
POST /auth/login
POST /auth/logout
POST /auth/password-reset
POST /auth/register
POST /card/invoice/create
POST /card/offer/create
POST /db-control/load/
POST /detect/color
POST /exit/moodboard
POST /exit/onboarding
POST /newsletter/register
POST /offer/create
POST /onboarding/complete
POST /onboarding/create
POST /profile/snapshot
POST /proposal/article/exclude
POST /proposal/article/external/add
POST /proposal/article/external/update
POST /proposal/article/include
POST /proposal/article/include/sku
POST /proposal/article/replace/sku
POST /proposal/article/replace/type
POST /proposal/articles/include
POST /proposal/articles/replace/types
POST /proposal/floortype/set
POST /proposal/new
POST /proposal/update
POST /proposal/wallpaint/set
POST /snapshot

Found on 2025-10-29 08:10

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.inyourdreamworld.com
Port: 443
URL: https://api.inyourdreamworld.com

First seen 2025-10-16 02:39
Last seen 2025-10-29 05:40
Open for 13 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3440ba8531bb62e11cf89ac44654c72abf04fb92c

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 8, INPUT_OBJECT: 8, INTERFACE: 2, OBJECT: 22, SCALAR: 4)
Operations:
- Query: RootQueryType | fields: chatConversation, chatConversations, chatMember, chatMessages, chatUsers
- Mutation: RootMutationType | fields: createChatConversation, createChatMember, createChatMessage, createDevice, deleteChatMember
- Subscription: RootSubscriptionType | fields: chatConversationUpdated, chatMessageAdded
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-29 05:40

37.4 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: glebov.cv
Port: 443
URL: https://glebov.cv

First seen 2025-10-23 18:03
Last seen 2025-10-29 01:33
Open for 5 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3685e5cd824cba73cd99e588c19ce948619ce9486
```
GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 14, SCALAR: 2)
Operations:
- Query: Query | fields: me
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2025-10-29 01:33
  
  25.2 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: api.inyourdreamworld.com
Port: 80
URL: http://api.inyourdreamworld.com

First seen 2025-10-16 02:39
Last seen 2025-10-28 23:19
Open for 12 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3440ba8531bb62e11cf89ac44654c72abf04fb92c

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 8, INPUT_OBJECT: 8, INTERFACE: 2, OBJECT: 22, SCALAR: 4)
Operations:
- Query: RootQueryType | fields: chatConversation, chatConversations, chatMember, chatMessages, chatUsers
- Mutation: RootMutationType | fields: createChatConversation, createChatMember, createChatMessage, createDevice, deleteChatMember
- Subscription: RootSubscriptionType | fields: chatConversationUpdated, chatMessageAdded
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-28 23:19

37.4 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: test.sportio.sk
Port: 443
URL: https://test.sportio.sk

First seen 2025-10-26 12:42
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2025-10-26 12:42
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: onion-automations.elpassion.com
Port: 443
URL: https://onion-automations.elpassion.com

First seen 2025-05-26 01:47
Last seen 2025-09-16 20:30
Open for 113 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642f079f9265f554ed45f554ed45f554ed4
```
Found 2 files trough .DS_Store spidering:

/favicon.ico
/robots.txt
```
  Found on 2025-09-16 20:30
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: www.croydonpharmacyfirst.co.uk
Port: 80
URL: http://www.croydonpharmacyfirst.co.uk

First seen 2025-06-23 01:08
Last seen 2025-07-16 03:29
Open for 23 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772d7968b8202fdb44b5e84be943facb2a4
```
Found 11 files trough .DS_Store spidering:

/db.sqlite3
/manage.py
/node_modules
/package-lock.json
/package.json
/pharmacy_first
/pharmacyfirst_app
/README.md
/static
/tailwind.config.js
/templates
```
  Found on 2025-07-16 03:29
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: staging.menulingua.com
Port: 443
URL: https://staging.menulingua.com

First seen 2025-06-15 22:29
Last seen 2025-07-13 00:32
Open for 27 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c248e4f81248e4f81cb3a648f4f0e0db3713499b497af78cd

Found 41 files trough .DS_Store spidering:

/assets
/LOGO
/uploads
/uploads/food
/uploads/food/image
/uploads/food/image/127858
/uploads/food/image/12811
/uploads/food/image/180539
/uploads/food/image/257190
/uploads/food/image/391732
/uploads/food/image/408682
/uploads/food/image/436329
/uploads/food/image/460881
/uploads/food/image/467805
/uploads/food/image/678573
/uploads/food/image/681976
/uploads/food/image/77256
/uploads/food/image/783736
/uploads/food/image/836154
/uploads/menu
/uploads/menu/logo
/uploads/menu/logo/13346
/uploads/menu/logo/142043
/uploads/menu/logo/156368
/uploads/menu/logo/25061
/uploads/menu/logo/316642
/uploads/menu/logo/320526
/uploads/menu/logo/330834
/uploads/menu/logo/428817
/uploads/menu/logo/490208
/uploads/menu/logo/504120
/uploads/menu/logo/619835
/uploads/menu/logo/663083
/uploads/menu/logo/68511
/uploads/menu/logo/69503
/uploads/menu/logo/713350
/uploads/menu/logo/714536
/uploads/menu/logo/822990
/uploads/menu/logo/939453
/uploads/prospective_restaurant
/uploads/tmp

Found on 2025-07-13 00:32

Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcad0419ccdbce2aa28617d2ed244317a3

Found 22 files trough .DS_Store spidering:

/assets
/LOGO
/uploads
/uploads/food
/uploads/food/image
/uploads/food/image/127858
/uploads/food/image/12811
/uploads/food/image/180539
/uploads/food/image/257190
/uploads/food/image/391732
/uploads/food/image/408682
/uploads/food/image/436329
/uploads/food/image/460881
/uploads/food/image/467805
/uploads/food/image/678573
/uploads/food/image/681976
/uploads/food/image/77256
/uploads/food/image/783736
/uploads/food/image/836154
/uploads/menu
/uploads/prospective_restaurant
/uploads/tmp

Found on 2025-07-03 12:53

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: rails6staging.menulingua.com
Port: 443
URL: https://rails6staging.menulingua.com

First seen 2025-06-15 22:29
Last seen 2025-07-12 08:07
Open for 26 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c248e4f81248e4f81cb3a648f4f0e0db3713499b497af78cd

Found 41 files trough .DS_Store spidering:

/assets
/LOGO
/uploads
/uploads/food
/uploads/food/image
/uploads/food/image/127858
/uploads/food/image/12811
/uploads/food/image/180539
/uploads/food/image/257190
/uploads/food/image/391732
/uploads/food/image/408682
/uploads/food/image/436329
/uploads/food/image/460881
/uploads/food/image/467805
/uploads/food/image/678573
/uploads/food/image/681976
/uploads/food/image/77256
/uploads/food/image/783736
/uploads/food/image/836154
/uploads/menu
/uploads/menu/logo
/uploads/menu/logo/13346
/uploads/menu/logo/142043
/uploads/menu/logo/156368
/uploads/menu/logo/25061
/uploads/menu/logo/316642
/uploads/menu/logo/320526
/uploads/menu/logo/330834
/uploads/menu/logo/428817
/uploads/menu/logo/490208
/uploads/menu/logo/504120
/uploads/menu/logo/619835
/uploads/menu/logo/663083
/uploads/menu/logo/68511
/uploads/menu/logo/69503
/uploads/menu/logo/713350
/uploads/menu/logo/714536
/uploads/menu/logo/822990
/uploads/menu/logo/939453
/uploads/prospective_restaurant
/uploads/tmp

Found on 2025-07-12 08:07

Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcad0419ccdbce2aa28617d2ed244317a3

Found 22 files trough .DS_Store spidering:

/assets
/LOGO
/uploads
/uploads/food
/uploads/food/image
/uploads/food/image/127858
/uploads/food/image/12811
/uploads/food/image/180539
/uploads/food/image/257190
/uploads/food/image/391732
/uploads/food/image/408682
/uploads/food/image/436329
/uploads/food/image/460881
/uploads/food/image/467805
/uploads/food/image/678573
/uploads/food/image/681976
/uploads/food/image/77256
/uploads/food/image/783736
/uploads/food/image/836154
/uploads/menu
/uploads/prospective_restaurant
/uploads/tmp

Found on 2025-06-30 08:25

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: streamerxsolla.megamod.io
Port: 80
URL: http://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-06-22 15:03
Open for 97 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a89f920624

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts/BetterSpace
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers

Found on 2025-06-22 15:03

Severity: medium
Fingerprint: 5f32cf5d6962f09c2d9d96002d9d96000b44dfed0950dced55c512c37c4a0723

Found 109 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-20 16:33

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8314e45cd

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages

Found on 2025-06-16 19:54

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a83d90574f

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj

Found on 2025-06-14 08:15

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8c26aabd9

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj

Found on 2025-06-10 10:22

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a85a3a1651

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile

Found on 2025-06-05 10:41

Severity: medium
Fingerprint: 5f32cf5d6962f09c9be405db9be405dbb26421fc39c2607a044bd3bcaacc1aa1

Found 111 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-05-29 01:09

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8ccc38785

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta

Found on 2025-05-19 03:31

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a84bb890d6

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI

Found on 2025-05-16 07:43

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a82f0d4222

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta

Found on 2025-05-13 01:42

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b45963a4298ea6890982d8a2e798ce9038

Found 40 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-28 15:53

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92e5d40b37cf0cb9a39c1f251938b9b302

Found 60 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-26 13:44

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a81e2abcc3

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates

Found on 2025-04-13 08:38

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8beefef87

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween

Found on 2025-03-19 03:16

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c22849679815956769a5a7f96c1b552aadf3

Found 101 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-18 22:25

Severity: medium
Fingerprint: 5f32cf5d6962f09c1e3ea8c61e3ea8c6c45b51c3300c3a5fd8ea82ad3c9eb8f5

Found 86 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09c62fb79d662fb79d63efa9d5349fc816fd551b8bdcf203100

Found 95 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09cdc8bf8eddc8bf8ed846db9e63e212be0171ec38af1abdf56

Found 89 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: streamerxsolla.megamod.io
Port: 443
URL: https://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-06-22 11:19
Open for 97 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a89f920624

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts/BetterSpace
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers

Found on 2025-06-22 11:19

Severity: medium
Fingerprint: 5f32cf5d6962f09c9be405db9be405dbb26421fc39c2607a044bd3bcaacc1aa1

Found 111 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-20 01:33

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8c006869c

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro

Found on 2025-06-16 14:55

Severity: medium
Fingerprint: 5f32cf5d6962f09c2d9d96002d9d96000b44dfed0950dced55c512c37c4a0723

Found 109 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-14 06:00

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c22849679815956769a5a7f96c1b552aadf3

Found 101 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-02 14:32

Severity: medium
Fingerprint: 5f32cf5d6962f09cdc8bf8eddc8bf8ed846db9e63e212be0171ec38af1abdf56

Found 89 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-05-24 04:06

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8314e45cd

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages

Found on 2025-04-27 19:56

Severity: medium
Fingerprint: 5f32cf5d6962f09cb7af8d83b7af8d830f9cda04c3f5d7327528f3f4658b91eb

Found 87 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-12 14:04

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92e5d40b37cf0cb9a39c1f251938b9b302

Found 60 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-12 14:04

Severity: medium
Fingerprint: 5f32cf5d6962f09c1e3ea8c61e3ea8c6c45b51c3300c3a5fd8ea82ad3c9eb8f5

Found 86 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-22 12:10

Severity: medium
Fingerprint: 5f32cf5d6962f09ca29b58f1a29b58f19f122802ec4039fcc05fa04ee7c995f6

Found 78 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Create report

Open service 75.2.43.161:80 · www.rdbtri.com

2026-01-12 06:04

HTTP/1.1 302 Found
Content-Length: 45
Content-Type: text/plain; charset=utf-8
Date: Mon, 12 Jan 2026 06:05:50 GMT
Location: https://www.rdbtri.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=cnw%2B2fpfOh%2Bol4VWK2AHnViFlBiYR%2FLHEDUGf84PQFY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768197950"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=cnw%2B2fpfOh%2Bol4VWK2AHnViFlBiYR%2FLHEDUGf84PQFY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1768197950"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Found. Redirecting to https://www.rdbtri.com/

Found 6 minutes ago by HttpPlugin

Host 75.2.43.161

United States

Software information

Swagger API description is publicly available

Finds vulnerable Vite development environment

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Symfony developement panel enabled

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Symfony developement panel enabled

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available