LeakIX - Host 76.223.11.49

Host 76.223.11.49

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Cowboy

tcp/443

Heroku

tcp/443 tcp/80

heroku-router

tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: minside-api.watercircles.no
Port: 443
URL: https://minside-api.watercircles.no

First seen 2025-11-12 03:03
Last seen 2026-01-12 01:54
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bc3cdf12e1c14cc9de5966a689db6626d8b975146
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/contemi/offer/{ssn}/{brand}
GET /api/contemi/offers/{id}
GET /api/offers/{id}
GET /api/user/offers
GET /api/user/offers/latest
PATCH /api/contemi/offers/{id}/document
POST /api/contemi/offers
POST /api/contemi/offers/{id}/status
```
  Found on 2026-01-12 01:54
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: minside-api.watercircles.no
Port: 80
URL: http://minside-api.watercircles.no

First seen 2025-11-12 03:03
Last seen 2026-01-12 01:54
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bc3cdf12e1c14cc9de5966a689db6626d8b975146
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/contemi/offer/{ssn}/{brand}
GET /api/contemi/offers/{id}
GET /api/offers/{id}
GET /api/user/offers
GET /api/user/offers/latest
PATCH /api/contemi/offers/{id}/document
POST /api/contemi/offers
POST /api/contemi/offers/{id}/status
```
  Found on 2026-01-12 01:54
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-stage.wayflow-hub.com
Port: 80
URL: http://api-stage.wayflow-hub.com

First seen 2025-11-05 00:02
Last seen 2026-01-12 00:08
Open for 68 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839680286c20

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /overview/monthly-vehicle-reports
GET /overview/stats
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-12 00:08

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839695fa1cc9

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-04 00:19

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: gha-embed.herohealth.net
Port: 443
URL: https://gha-embed.herohealth.net

First seen 2025-11-04 00:12
Last seen 2026-01-11 03:25
Open for 68 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-11 03:25
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: herodoctors.co.uk
Port: 443
URL: https://herodoctors.co.uk

First seen 2025-11-08 01:22
Last seen 2026-01-10 02:15
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 02:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: bookings.mayfieldclinic.co.uk
Port: 443
URL: https://bookings.mayfieldclinic.co.uk

First seen 2025-11-08 01:42
Last seen 2026-01-10 02:15
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 02:15
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: temping.studitemps.de
Port: 443
URL: https://temping.studitemps.de

First seen 2025-11-08 01:32
Last seen 2026-01-10 02:15
Open for 63 days

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c747e4e0798bd8c1fe4b4b45008f0928a87943c3f

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/dispositions/search
GET /api/notes/search
GET /api/orders/find
GET /api/orders/search
GET /api/qualifications/decline_reasons
GET /api/qualifications/find
GET /api/shifts/search
GET /api/students/find
GET /api/students/warnings
POST /api/notes/create
POST /api/orders/add_tag
POST /api/orders/remove_tag
POST /api/qualifications/decline_candidate
POST /api/qualifications/qualify_candidate
POST /api/students/add_tag
POST /api/students/add_traits_from_training
POST /api/students/remove_tag
POST /api/webhooks/subscribe
POST /api/webhooks/unsubscribe

Found on 2026-01-10 02:15

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c747e4e0798bd8c1fe4b4b45008f0928ac8eafbec

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/dispositions/search
GET /api/notes/search
GET /api/orders/find
GET /api/orders/search
GET /api/qualifications/decline_reasons
GET /api/qualifications/find
GET /api/shifts/search
GET /api/students/find
POST /api/notes/create
POST /api/orders/add_tag
POST /api/orders/remove_tag
POST /api/qualifications/decline_candidate
POST /api/qualifications/qualify_candidate
POST /api/students/add_tag
POST /api/students/add_traits_from_training
POST /api/students/remove_tag

Found on 2025-12-26 16:01

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c747e4e0798bd8c1fe4b4b45008f0928a63806f7f

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/dispositions/search
GET /api/notes/search
GET /api/orders/find
GET /api/orders/search
GET /api/qualifications/find
GET /api/shifts/search
GET /api/students/find
POST /api/notes/create
POST /api/students/add_tag
POST /api/students/add_traits_from_training
POST /api/students/remove_tag

Found on 2025-12-01 00:46

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c747e4e0798bd8c1fb94b9889dbcbcb4d5af659b4

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/dispositions/search
GET /api/notes/search
GET /api/orders/search
GET /api/qualifications/find
GET /api/shifts/search
GET /api/students/find
POST /api/notes/create
POST /api/students/add_tag
POST /api/students/add_traits_from_training
POST /api/students/remove_tag

Found on 2025-11-20 18:15

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c747e4e0798bd8c1fb94b9889dbcbcb4df55530cd

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /api/dispositions/search
GET /api/notes/search
GET /api/orders/search
GET /api/qualifications/find
GET /api/shifts/search
GET /api/students/find
POST /api/notes/create
POST /api/students/add_traits_from_training

Found on 2025-11-10 04:34

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: demo.htech.app
Port: 443
URL: https://demo.htech.app

First seen 2025-11-24 00:16
Last seen 2026-01-10 02:10
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 02:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: login.asapp.tech
Port: 443
URL: https://login.asapp.tech

First seen 2025-11-17 00:14
Last seen 2026-01-10 01:51
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:51
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dev.api.gamification.hotlens.com
Port: 80
URL: http://dev.api.gamification.hotlens.com

First seen 2025-11-06 01:03
Last seen 2026-01-10 01:36
Open for 65 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38ba6d8bc6b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/Other/backoffice/gamification-limits
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/referrals
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/PlayersReferral
GET /api/PlayersReferral/backoffice
GET /api/PlayersReferral/backoffice/claims
GET /api/PlayersReferral/backoffice/statistics
GET /api/PlayersReferral/claims
GET /api/PlayersReferral/statistics
GET /api/PlayersReferral/total-statistics
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/Other/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/PlayersReferral/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
POST /api/PlayersReferral/claim
PUT /api/Achievements/backoffice/achievement
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2026-01-10 01:36

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38b51008d30

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/achievement
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2026-01-06 00:11

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38bf5ba61b9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/Achievements/backoffice/achievement-multiplier
POST /api/Achievements/backoffice/achievement-spins
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2025-12-14 04:24

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492b279f3392799e2d6fd18ce1d7fae38bc28e739b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Achievements
GET /api/Achievements/backoffice
GET /api/Achievements/backoffice/players-achievements
GET /api/Achievements/count
GET /api/Achievements/detail
GET /api/Achievements/games
GET /api/Achievements/{id}
GET /api/Campaigns/active-campaigns
GET /api/Campaigns/backoffice
GET /api/Campaigns/backoffice/active-campaigns
GET /api/Campaigns/backoffice/claimed
GET /api/Campaigns/claimed
GET /api/Levels
GET /api/Levels/backoffice
GET /api/Levels/latest
GET /api/Levels/range
GET /api/PlayerAchievements
GET /api/PlayerAchievements/progress
GET /api/PlayerAchievements/{id}/progress
GET /api/PlayerCampaigns
GET /api/PlayerCashback
GET /api/PlayerCashback/backoffice
GET /api/PlayerCashback/backoffice/claimed
GET /api/PlayerCashback/claimed
GET /api/PlayerDepositBonus
GET /api/PlayerDepositBonus/backoffice
GET /api/PlayerDepositBonus/backoffice/claimed
GET /api/PlayerDepositBonus/claimed
GET /api/Players
GET /api/Players/backoffice
GET /api/Players/backoffice/free-cash
GET /api/Players/backoffice/free-spins
GET /api/Players/backoffice/levels
GET /api/Players/backoffice/registration-bonuses
GET /api/Players/free-cash
GET /api/Players/free-spins
GET /api/Players/statistics-cashback
GET /api/Players/statistics-free-cash
GET /api/Players/statistics-free-spins
GET /api/Rewards/backoffice/cashback
GET /api/Rewards/backoffice/deposit-top-up
GET /api/Rewards/backoffice/free-cash
GET /api/Rewards/backoffice/free-spins
GET /api/Rewards/backoffice/registration-bonuses
GET /api/Transactions/backoffice/gamification-transaction
HEAD /api/Achievements/health-check
HEAD /api/Campaigns/health-check
HEAD /api/Levels/health-check
HEAD /api/PlayerAchievements/health-check
HEAD /api/PlayerCampaigns/health-check
HEAD /api/PlayerCashback/health-check
HEAD /api/PlayerDepositBonus/health-check
HEAD /api/Players/health-check
HEAD /api/Rewards/backoffice/health-check
HEAD /api/Transactions/health-check
POST /api/PlayerAchievements/backoffice/add-player-achievement
POST /api/PlayerAchievements/backoffice/remove-player-achievement
POST /api/PlayerCashback/claim
POST /api/PlayerDepositBonus/claim
POST /api/Players/backoffice/registration-bonus
POST /api/Players/claim-free-cash
POST /api/Players/claim-free-spins
POST /api/Players/claim-registration-bonus
POST /api/Players/registration-bonus
PUT /api/Achievements/backoffice/lock
PUT /api/Achievements/backoffice/unlock
PUT /api/Campaigns/backoffice/disable
PUT /api/Campaigns/backoffice/enable
PUT /api/Levels/backoffice/adjust-player-level
PUT /api/Players/backoffice/remove-free-spins
PUT /api/Rewards/backoffice/cashback/disable
PUT /api/Rewards/backoffice/cashback/enable
PUT /api/Rewards/backoffice/deposit-top-up/disable
PUT /api/Rewards/backoffice/deposit-top-up/enable
PUT /api/Rewards/backoffice/free-cash/disable
PUT /api/Rewards/backoffice/free-cash/enable
PUT /api/Rewards/backoffice/free-spins/disable
PUT /api/Rewards/backoffice/free-spins/enable
PUT /api/Rewards/backoffice/registration-bonuses/disable
PUT /api/Rewards/backoffice/registration-bonuses/enable

Found on 2025-11-27 11:48

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.api.hazz.co
Port: 443
URL: https://www.api.hazz.co

First seen 2025-11-07 00:26
Last seen 2026-01-10 01:36
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:36
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.hazz.co
Port: 80
URL: http://api.hazz.co

First seen 2025-11-07 00:26
Last seen 2026-01-10 01:36
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:36
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.vaulty.site
Port: 80
URL: http://api.vaulty.site

First seen 2025-11-17 00:26
Last seen 2026-01-10 01:32
Open for 54 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a36c50fc35

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/me
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2026-01-10 01:32

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a32311aae5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/canLeaveReview
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/getUserInfoBySession
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2025-11-30 14:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: objednavky.gamextrading.sk
Port: 80
URL: http://objednavky.gamextrading.sk

First seen 2025-11-28 06:28
Last seen 2026-01-10 01:23
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-10 01:23
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: reader-gateway.mypaperview.com
Port: 443
URL: https://reader-gateway.mypaperview.com

First seen 2025-11-15 03:01
Last seen 2026-01-10 01:18
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-10 01:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: uat-backend.leadro.ch
Port: 80
URL: http://uat-backend.leadro.ch

First seen 2025-11-19 01:51
Last seen 2026-01-10 01:16
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 01:16
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: admin.puzzliky.sk
Port: 80
URL: http://admin.puzzliky.sk

First seen 2025-10-23 00:02
Last seen 2026-01-10 01:16
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ecff50ed96ef1995eeef1995eeef1995eeef1995ee
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /image
GET /string
```
  Found on 2026-01-10 01:16
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-car.sakcars.com
Port: 80
URL: http://api-car.sakcars.com

First seen 2025-11-14 00:03
Last seen 2026-01-10 00:50
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e534afab622b9b88394cb0c51d56a9fbb6c3520b82
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /brands
GET /brands/{name}
GET /cars
GET /cars/{vehicleType}/{brandName}/{modelName}/{subModelName}/{releaseMonth}/{releaseYear}
GET /models
GET /models/{name}
GET /months
GET /submodels
GET /submodels/{name}
```
  Found on 2026-01-10 00:50
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: overeni-bankou.skippay.dev
Port: 443
URL: https://overeni-bankou.skippay.dev

First seen 2025-10-17 00:31
Last seen 2026-01-10 00:36
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd18553ecf761b3804c143bd68f31952d69b506847c5f7120c4
```
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /connect/{providerId}/{providerUserId}
GET /
GET /api/businesscard/banks
GET /api/businesscard/export
GET /api/businesscard/id
GET /connect
GET /connect/{providerId}
GET /redirect/connect
GET /saml/SSO
GET /saml/connect/{provider}
GET /saml/metadata
GET /service/banks
GET /service/clean
GET /service/hello
GET /service/statistics
POST /api/businesscard/bank/delete
POST /api/businesscard/delete
```
  Found on 2026-01-10 00:36
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-14 07:16
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.akorno.com
Port: 443
URL: https://api.akorno.com

First seen 2025-12-09 01:41
Last seen 2026-01-10 00:12
Open for 31 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-10 00:12

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 22:15

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-09 01:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: minmemoria-api-stage.vilmer.no
Port: 80
URL: http://minmemoria-api-stage.vilmer.no

First seen 2025-10-19 01:49
Last seen 2026-01-09 23:45
Open for 82 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: procare.htech.app
Port: 443
URL: https://procare.htech.app

First seen 2025-11-08 00:22
Last seen 2026-01-09 23:27
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:27
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: personaldienstleister.saubermacher.at
Port: 80
URL: http://personaldienstleister.saubermacher.at

First seen 2025-11-08 00:13
Last seen 2026-01-09 23:10
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.aldiarconsult.com
Port: 443
URL: https://api.aldiarconsult.com

First seen 2025-11-21 03:59
Last seen 2026-01-09 22:45
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035490cc7b60478b9152c24a600dc6a0c237f06cafa31
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /admins
GET /admins/me
GET /orders
GET /services
GET /services/{serviceId}
POST /api/hiring
POST /auth/refresh-token
POST /auth/send-code
POST /auth/verify-code
POST /join
POST /orders/{serviceId}
PUT /orders/{orderId}/execute
```
  Found on 2026-01-09 22:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: admin.puzzliky.sk
Port: 443
URL: https://admin.puzzliky.sk

First seen 2025-10-23 00:02
Last seen 2026-01-09 22:45
Open for 78 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ecff50ed96ef1995eeef1995eeef1995eeef1995ee
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /image
GET /string
```
  Found on 2026-01-09 22:45
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.health-upp.com
Port: 80
URL: http://api.health-upp.com

First seen 2025-12-02 01:02
Last seen 2026-01-09 21:23
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035490d405d47bd9aacd15b2dbc7e79192c5a04045c1a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /chat/{conversationId}/message/{messageId}
DELETE /meals/delete-meal
GET /activity-log
GET /auth/confirmEmail
GET /auth/manage/info
GET /categories/export
GET /categories/export-pdf
GET /chat/conversations
GET /chat/{conversationId}
GET /chat/{conversationId}/old
GET /chat/{conversationId}/unread
GET /client-info-options
GET /client-invitation/pending
GET /client-invitation/{clientInvitationId}
GET /clients/active
GET /clients/deactivated
GET /clients/invited
GET /clients/options
GET /clients/{clientId}
GET /clients/{clientId}/client-info
GET /clients/{clientId}/user-info
GET /invite/{token}
GET /meal-groups
GET /meal-groups/{id}
GET /meals/{mealId}
GET /menu/week
GET /menu/{clientId}
GET /menu/{clientId}/week
GET /products
GET /providers
GET /providers/current
GET /providers/current/all
GET /providers/previous
GET /steps
GET /user-info
GET /user/current
GET /user/current-subscription
GET /weekly-menu/{clientId}/export
PATCH /meals/{id}/update-servings-order
PATCH /menu/{id}/update-order
PATCH /user/change-password
PATCH /user/settings
POST /accept-invitation
POST /auth/confirm-email
POST /auth/forgot-password
POST /auth/forgotPassword
POST /auth/login
POST /auth/login-user
POST /auth/manage/2fa
POST /auth/refresh
POST /auth/register
POST /auth/register-user
POST /auth/resend-confirmation-email
POST /auth/resendConfirmationEmail
POST /auth/reset-password
POST /auth/resetPassword
POST /cancel-invitation/{clientInvitationId}
POST /chat/send-message
POST /clients/remove-client/{clientId}
POST /clients/use-seat-for-yourself
POST /create-checkout-session
POST /customer-portal
POST /meals
POST /meals/duplicate-meal
POST /menu/day/{dailyMenuId}/duplicate
POST /menu/week/duplicate
POST /reject-invitation/{clientInvitationId}
POST /send-invitation
POST /webhook
PUT /clients/{clientId}/client-info/activity
PUT /meals/{mealId}/feedback/change-status
PUT /meals/{mealId}/feedback/note

Found on 2026-01-09 21:23

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.staging.doranordic.dk
Port: 443
URL: https://api.staging.doranordic.dk

First seen 2025-10-16 19:52
Last seen 2026-01-09 21:06
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 21:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.motion.org.uk
Port: 80
URL: http://api.motion.org.uk

First seen 2025-10-20 01:06
Last seen 2026-01-09 20:03
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 20:03
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: timing.ltavaring.com
Port: 443
URL: https://timing.ltavaring.com

First seen 2025-11-20 00:52
Last seen 2026-01-09 18:32
Open for 50 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b75bae3acdb27a508fc4a3d1c889c91b979186029

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/admin/classifications
GET /api/admin/entries
GET /api/admin/entries/event-day/{eventDayId}
GET /api/admin/eventDays
GET /api/admin/eventDays/event/{eventId}
GET /api/admin/events
GET /api/admin/events/season/{id}
GET /api/admin/events/{id}
GET /api/admin/pilots
GET /api/admin/pilots/{id}
GET /api/admin/seasons
GET /api/admin/seasons/{id}
GET /api/admin/tracks
GET /api/admin/tracks/{id}
GET /api/classifications
GET /api/entries
GET /api/entries/event-day/{eventDayId}
GET /api/eventDays
GET /api/eventDays/event/{eventId}
GET /api/events
GET /api/events/season/{id}
GET /api/events/{id}
GET /api/pilots
GET /api/pilots/{id}
GET /api/seasons
GET /api/seasons/{id}
GET /api/timing/currentEventDay
GET /api/tracks
GET /api/tracks/{id}
POST /api/admin/classifications/delete/{id}
POST /api/admin/entries/delete/{id}
POST /api/admin/eventDays/delete/{id}
POST /api/admin/events/delete/{id}
POST /api/admin/pilots/delete/{id}
POST /api/admin/seasons/delete/{id}
POST /api/admin/tracks/delete/{id}
POST /api/timing/laps
POST /auth/login

Found on 2026-01-09 18:32

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: gha.herohealth.net
Port: 443
URL: https://gha.herohealth.net

First seen 2025-11-03 00:38
Last seen 2026-01-09 18:07
Open for 67 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 18:07
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: stmichaelsclinic.htech.app
Port: 443
URL: https://stmichaelsclinic.htech.app

First seen 2025-12-12 01:18
Last seen 2026-01-09 17:39
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:39
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: diversityplayer.edgez.live
Port: 443
URL: https://diversityplayer.edgez.live

First seen 2025-12-03 00:27
Last seen 2026-01-09 17:38
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 17:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dashboard.devbox-sante.fr
Port: 80
URL: http://dashboard.devbox-sante.fr

First seen 2025-10-25 01:19
Last seen 2026-01-09 17:05
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 17:05
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5234fb4afea2f53cfffd79d6a25b1dbe16fe35d49
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /admin/logs/import
GET /annuaire/activities
GET /auth/login
GET /licenses
GET /logs
GET /logs/components
GET /logs/errorCodes
GET /logs/servicePaths
GET /logs/services
GET /logs/types
POST /logs/search
```
  Found on 2026-01-02 17:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: booking-api.iotee.eu
Port: 80
URL: http://booking-api.iotee.eu

First seen 2025-10-17 01:11
Last seen 2026-01-09 17:02
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 17:02
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.neereg.com
Port: 443
URL: https://api.neereg.com

First seen 2025-11-06 01:07
Last seen 2026-01-09 16:51
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 16:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.hazz.co
Port: 443
URL: https://api.hazz.co

First seen 2025-11-07 00:26
Last seen 2026-01-09 16:36
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 16:36
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: my-new.yapu.solutions
Port: 443
URL: https://my-new.yapu.solutions

First seen 2025-11-17 01:16
Last seen 2026-01-09 16:04
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 16:04
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dashboard-auth.say2eat.com
Port: 443
URL: https://dashboard-auth.say2eat.com

First seen 2025-10-27 01:11
Last seen 2026-01-09 15:57
Open for 74 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 15:57
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: beta-api.thrive3sixtyintl.com
Port: 80
URL: http://beta-api.thrive3sixtyintl.com

First seen 2025-10-20 00:27
Last seen 2026-01-09 15:01
Open for 81 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e58d9f8921293e3bdd45410f4d0e520cf30ce369f9

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/todo/occurrence/{occurrenceId}
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dashboard/affirmation
GET /api/v1/dashboard/current/todo
GET /api/v1/dashboard/info/todo
GET /api/v1/dashboard/priorities
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo
GET /api/v1/todo/archived
GET /api/v1/todo/automated
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/history
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/close
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit
PUT /api/v1/todo/{todoId}

Found on 2026-01-09 15:01

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e58d9f8921293e3bdd45410f4d0e520cf3ac3a5b7a

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/todo/occurrence/{occurrenceId}
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo
GET /api/v1/todo/archived
GET /api/v1/todo/automated
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/history
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/close
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit
PUT /api/v1/todo/{todoId}

Found on 2025-12-21 11:28

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca3991542bb85202

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-12-01 15:57

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca399154bfa32b66

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-29 07:21

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca39915433caf38e

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-10 14:53

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e3993fa04fc1f2fd1e2bf3ddeae9

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-08 12:31

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5a57e1f3ee36c86c29a07c9776f6efbe4774853fc

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/habit-tracker
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/todo/category/edit

Found on 2025-11-07 00:25

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: backend.harvest.graindata.com
Port: 80
URL: http://backend.harvest.graindata.com

First seen 2025-11-18 00:08
Last seen 2026-01-09 14:56
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f61fc931f61fc931f61fc931f61fc931f61fc931f61fc931
```
Public Swagger UI/API detected at path: /api/swagger.json
```
  Found on 2026-01-09 14:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: widget-api.local.fr
Port: 80
URL: http://widget-api.local.fr

First seen 2025-11-01 07:59
Last seen 2026-01-09 14:54
Open for 69 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 14:54
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.health-upp.com
Port: 443
URL: https://api.health-upp.com

First seen 2025-12-02 01:02
Last seen 2026-01-09 14:53
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035490d405d47bd9aacd15b2dbc7e79192c5a04045c1a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /chat/{conversationId}/message/{messageId}
DELETE /meals/delete-meal
GET /activity-log
GET /auth/confirmEmail
GET /auth/manage/info
GET /categories/export
GET /categories/export-pdf
GET /chat/conversations
GET /chat/{conversationId}
GET /chat/{conversationId}/old
GET /chat/{conversationId}/unread
GET /client-info-options
GET /client-invitation/pending
GET /client-invitation/{clientInvitationId}
GET /clients/active
GET /clients/deactivated
GET /clients/invited
GET /clients/options
GET /clients/{clientId}
GET /clients/{clientId}/client-info
GET /clients/{clientId}/user-info
GET /invite/{token}
GET /meal-groups
GET /meal-groups/{id}
GET /meals/{mealId}
GET /menu/week
GET /menu/{clientId}
GET /menu/{clientId}/week
GET /products
GET /providers
GET /providers/current
GET /providers/current/all
GET /providers/previous
GET /steps
GET /user-info
GET /user/current
GET /user/current-subscription
GET /weekly-menu/{clientId}/export
PATCH /meals/{id}/update-servings-order
PATCH /menu/{id}/update-order
PATCH /user/change-password
PATCH /user/settings
POST /accept-invitation
POST /auth/confirm-email
POST /auth/forgot-password
POST /auth/forgotPassword
POST /auth/login
POST /auth/login-user
POST /auth/manage/2fa
POST /auth/refresh
POST /auth/register
POST /auth/register-user
POST /auth/resend-confirmation-email
POST /auth/resendConfirmationEmail
POST /auth/reset-password
POST /auth/resetPassword
POST /cancel-invitation/{clientInvitationId}
POST /chat/send-message
POST /clients/remove-client/{clientId}
POST /clients/use-seat-for-yourself
POST /create-checkout-session
POST /customer-portal
POST /meals
POST /meals/duplicate-meal
POST /menu/day/{dailyMenuId}/duplicate
POST /menu/week/duplicate
POST /reject-invitation/{clientInvitationId}
POST /send-invitation
POST /webhook
PUT /clients/{clientId}/client-info/activity
PUT /meals/{mealId}/feedback/change-status
PUT /meals/{mealId}/feedback/note

Found on 2026-01-09 14:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-v2.chainzsolutions.com
Port: 443
URL: https://api-v2.chainzsolutions.com

First seen 2025-11-01 06:47
Last seen 2026-01-09 14:51
Open for 69 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 14:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: order-api.selectmeat.ro
Port: 443
URL: https://order-api.selectmeat.ro

First seen 2025-11-16 00:14
Last seen 2026-01-09 14:48
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b7f0f93a13d18990547eb8bf9024cfa4d6d83b17f
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/order/bulk
GET /api/address/client/{id}
GET /api/address/client/{id}/cbd
GET /api/address/{id}
GET /api/client
GET /api/client/{id}
GET /api/order/{id}
GET /api/products
GET /api/user
GET /api/vendor
GET /api/vendor/{id}
POST /api/address
POST /api/order
POST /api/order/report
```
  Found on 2026-01-09 14:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: verify.app.progreto.com
Port: 443
URL: https://verify.app.progreto.com

First seen 2025-10-25 00:28
Last seen 2026-01-09 14:43
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 14:43
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: overeni-bankou.accept.skippay.dev
Port: 80
URL: http://overeni-bankou.accept.skippay.dev

First seen 2025-10-17 00:01
Last seen 2026-01-09 14:17
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd18553ecf761b3804c143bd68f31952d69b506847c5f7120c4
```
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /connect/{providerId}/{providerUserId}
GET /
GET /api/businesscard/banks
GET /api/businesscard/export
GET /api/businesscard/id
GET /connect
GET /connect/{providerId}
GET /redirect/connect
GET /saml/SSO
GET /saml/connect/{provider}
GET /saml/metadata
GET /service/banks
GET /service/clean
GET /service/hello
GET /service/statistics
POST /api/businesscard/bank/delete
POST /api/businesscard/delete
```
  Found on 2026-01-09 14:17
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: localstart-bo-staging.local.fr
Port: 443
URL: https://localstart-bo-staging.local.fr

First seen 2025-10-27 21:26
Last seen 2026-01-09 12:48
Open for 73 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 12:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: objednavky.gamextrading.sk
Port: 443
URL: https://objednavky.gamextrading.sk

First seen 2025-11-28 06:28
Last seen 2026-01-09 12:38
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 12:38
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dev.o2e.sa
Port: 80
URL: http://dev.o2e.sa

First seen 2025-12-11 01:05
Last seen 2026-01-09 12:35
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecb3069b91a7defb6a429d57bd48c622f3e00cb877

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /api/account/{email}
DELETE /api/admin/users/{id}
DELETE /api/bookmarks/offer/{id}
DELETE /api/family-user/{email}
GET /api/account
GET /api/admin/admin-users
GET /api/admin/advertising
GET /api/admin/advertising/{id}
GET /api/admin/catering-requests
GET /api/admin/catering-requests/{id}
GET /api/admin/company/{companyId}/users
GET /api/admin/company/{companyId}/users/filter
GET /api/admin/dashboard
GET /api/admin/dashboard/redeemers
GET /api/admin/gifts
GET /api/admin/report
GET /api/admin/report/businesses
GET /api/admin/report/consumed-offer-per-business
GET /api/admin/report/most-visited-business
GET /api/admin/report/offers
GET /api/admin/report/pdf
GET /api/admin/report/redeemers
GET /api/admin/report/top-users
GET /api/admin/report/users
GET /api/admin/report/xlsx
GET /api/admin/users
GET /api/admin/users/list
GET /api/admin/users/{login}
GET /api/authenticate
GET /api/authorities
GET /api/bookmarks
GET /api/bookmarks/{id}
GET /api/business-categories
GET /api/business-categories-page
GET /api/business-categories/{id}
GET /api/businesses
GET /api/businesses/summary
GET /api/businesses/{id}
GET /api/businesses/{id}/visited
GET /api/companies
GET /api/companies/list
GET /api/companies/{id}
GET /api/company-admins
GET /api/company-admins/{id}
GET /api/company-types
GET /api/company-types/{id}
GET /api/config/whatsapp
GET /api/contact-us
GET /api/contact-us/{id}
GET /api/contacts
GET /api/contacts/{id}
GET /api/enabled/businesses
GET /api/generate-qr
GET /api/gifts
GET /api/gifts/count
GET /api/gifts/{id}
GET /api/join-us
GET /api/join-us/{id}
GET /api/locations
GET /api/locations/{id}
GET /api/mobile/advertising
GET /api/notifications
GET /api/notifications/{id}
GET /api/offer-logs/company/{companyId}
GET /api/offers
GET /api/offers/available-priority
GET /api/offers/exclusive
GET /api/offers/with-priority
GET /api/offers/{id}
GET /api/scan-qr
GET /api/storges/{uuid}
GET /api/users
GET /api/v2/offers
GET /v3/api-docs
GET /v3/api-docs.yaml
GET /v3/api-docs.yaml/{group}
GET /v3/api-docs/{group}
PATCH /api/admin/user/{id}
POST /api/account/change-password
POST /api/account/family/reset-password/finish
POST /api/account/resend-otp
POST /api/account/reset-password/check
POST /api/account/reset-password/finish
POST /api/account/reset-password/init
POST /api/activate
POST /api/businesses/bulk
POST /api/family-user
POST /api/migrate/files
POST /api/offer
POST /api/offer-logs
POST /api/offers/{id}/priority
POST /api/register
POST /api/support

Found on 2026-01-09 12:35

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.everrest.educata.dev
Port: 80
URL: http://api.everrest.educata.dev

First seen 2025-12-11 00:35
Last seen 2026-01-09 12:18
Open for 29 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 12:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: staging-api.migesplus.ch
Port: 443
URL: https://staging-api.migesplus.ch

First seen 2025-11-17 00:57
Last seen 2026-01-09 11:51
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fe

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /search/reindex
GET /{locale}/access-channels
GET /{locale}/access-channels/{slug}
GET /{locale}/adviceCenters
GET /{locale}/adviceCenters/{slug}
GET /{locale}/audiences
GET /{locale}/audiences/{slug}
GET /{locale}/blogs
GET /{locale}/blogs/{slug}
GET /{locale}/featuredBlogs
GET /{locale}/good-practices
GET /{locale}/good-practices/{slug}
GET /{locale}/healthBlogs
GET /{locale}/infobox/{page}
GET /{locale}/infoboxes
GET /{locale}/migesMedia/{slug}
GET /{locale}/migesMedias
GET /{locale}/nonHealthBlogs
GET /{locale}/publications
GET /{locale}/publications/featured
GET /{locale}/publications/{slug}
GET /{locale}/publications/{slug}/related
GET /{locale}/publishers
GET /{locale}/publishers/{slug}
GET /{locale}/publishers/{slug}/publications
GET /{locale}/topics
GET /{locale}/topics/featured
GET /{locale}/topics/pages
GET /{locale}/topics/{slug}
POST /address/search
POST /address/validate
POST /webhooks/contentful
POST /{locale}/publishers/emails
POST /{locale}/publishers/{slug}/email
PUT /topics/updateTopicGroupSlugPath

Found on 2026-01-09 11:51

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 15.197.129.158
Domain: loenberegner.dora-apps.com
Port: 80
URL: http://loenberegner.dora-apps.com

First seen 2025-12-01 08:41
Last seen 2026-01-09 11:13
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549382a10ba889058dd781bb1940e538662307fe334
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /teams
GET /teams/stats
GET /teams/{id}
GET /teams/{id}/users
POST /api/v1/auth/forgot-password
POST /api/v1/auth/reset-password
POST /api/v1/auth/verify-reset-token
```
  Found on 2026-01-09 11:13
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-12-09 19:20
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549382a10ba889058dd781bb1940e5386620e538662
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /teams
GET /teams/stats
GET /teams/{id}
GET /teams/{id}/users
```
  Found on 2025-12-08 06:08
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: uat.gha.herohealth.net
Port: 443
URL: https://uat.gha.herohealth.net

First seen 2025-11-06 01:16
Last seen 2026-01-09 10:50
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 10:50
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: bart.bartsparts.nl
Port: 443
URL: https://bart.bartsparts.nl

First seen 2025-11-07 00:36
Last seen 2026-01-09 10:50
Open for 63 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 10:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.vetopsi.com
Port: 80
URL: http://www.vetopsi.com

First seen 2025-12-12 00:58
Last seen 2026-01-09 10:22
Open for 28 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b01146c99184c7d47755419c4b0e2e5d9f7a8a785

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/case-record/clear-history
GET /admin/activity
GET /admin/case-record
GET /admin/case-record/by-id
GET /admin/case-record/deleted
GET /admin/case-record/search
GET /admin/case-record/versions
GET /admin/case-record/versions/list
GET /admin/category
GET /admin/category/age-ranges-by-category
GET /admin/category/sub-categories-by-category
GET /admin/dashboard
GET /admin/medicine
GET /admin/users
GET /api/case-record/by-id
GET /api/case-record/history
GET /api/case-record/search
GET /api/category
GET /api/category/age-ranges-by-category
GET /api/category/sub-categories-by-category
GET /api/faq/favorites
GET /api/medicine
GET /api/purchase/{email}
GET /api/user/document/{email}
GET /healthCheck
POST /admin/case-record/restore
POST /admin/category/age-range
POST /admin/category/sub-category
POST /admin/medicine/{id}/image
POST /api/faq/contact-us
POST /api/purchase/
POST /api/user/check-code
POST /api/user/document
POST /api/user/forgot-password
POST /auth/login
POST /auth/register/user
POST /auth/register/vet
PUT /api/user/change-password
PUT /api/user/change-profile
PUT /api/user/set-password

Found on 2026-01-09 10:22

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b01146c99184c7d47755419c4b0e2e5d90ebb3bb7

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/case-record/clear-history
GET /admin/activity
GET /admin/case-record
GET /admin/case-record/by-id
GET /admin/case-record/deleted
GET /admin/case-record/search
GET /admin/case-record/versions
GET /admin/case-record/versions/list
GET /admin/category
GET /admin/category/age-ranges-by-category
GET /admin/category/sub-categories-by-category
GET /admin/dashboard
GET /admin/medicine
GET /admin/users
GET /api/case-record/by-id
GET /api/case-record/history
GET /api/case-record/search
GET /api/category
GET /api/category/age-ranges-by-category
GET /api/category/sub-categories-by-category
GET /api/faq/favorites
GET /api/medicine
GET /healthCheck
POST /admin/case-record/restore
POST /admin/category/age-range
POST /admin/category/sub-category
POST /admin/medicine/{id}/image
POST /api/faq/contact-us
POST /api/user/check-code
POST /api/user/forgot-password
POST /auth/login
POST /auth/register
PUT /api/user/change-password
PUT /api/user/change-profile
PUT /api/user/set-password

Found on 2026-01-02 10:01

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: airkraft.pacific-airport-engie.nc
Port: 443
URL: https://airkraft.pacific-airport-engie.nc

First seen 2025-11-14 01:33
Last seen 2026-01-09 10:18
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 10:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.devcase.sytac.io
Port: 443
URL: https://api.devcase.sytac.io

First seen 2025-11-15 00:10
Last seen 2026-01-09 10:10
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 10:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: overeni-bankou.skippay.cz
Port: 443
URL: https://overeni-bankou.skippay.cz

First seen 2025-12-03 01:27
Last seen 2026-01-09 10:01
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd18553ecf761b3804c143bd68f31952d69b506847c5f7120c4
```
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /connect/{providerId}/{providerUserId}
GET /
GET /api/businesscard/banks
GET /api/businesscard/export
GET /api/businesscard/id
GET /connect
GET /connect/{providerId}
GET /redirect/connect
GET /saml/SSO
GET /saml/connect/{provider}
GET /saml/metadata
GET /service/banks
GET /service/clean
GET /service/hello
GET /service/statistics
POST /api/businesscard/bank/delete
POST /api/businesscard/delete
```
  Found on 2026-01-09 10:01
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: ctr-qa-api.makehelsinki.com
Port: 443
URL: https://ctr-qa-api.makehelsinki.com

First seen 2025-11-16 00:34
Last seen 2026-01-09 09:43
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 09:43
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: app.conceptly.io
Port: 443
URL: https://app.conceptly.io

First seen 2025-12-04 00:34
Last seen 2026-01-09 09:20
Open for 36 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43d3ae91f16c195357a9115389e9048a491034aaef

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/processors/processing-status/{status_id}
DELETE /api/v1/workspaces/{workspace_id}/inputs/{input_id}
DELETE /api/v1/workspaces/{workspace_id}/links/by-endpoints
DELETE /api/v1/workspaces/{workspace_id}/links/{link_id}
GET /api/health
GET /api/health/detailed
GET /api/models
GET /api/processors
GET /api/processors/inputs/{input_id}/processing-status
GET /api/processors/inputs/{input_id}/processing-statuses
GET /api/processors/processing-status
GET /api/processors/{processor_id}
GET /api/tags
GET /api/tags/{tag_id}
GET /api/v1/inputs
GET /api/v1/inputs/types
GET /api/v1/inputs/{input_id}
GET /api/v1/inputs/{input_id}/content
GET /api/v1/inputs/{input_id}/download
GET /api/v1/inputs/{input_id}/extractions
GET /api/v1/inputs/{input_id}/tags
GET /api/v1/mcp-servers
GET /api/v1/mcp-servers/{server_id}
GET /api/v1/workspaces
GET /api/v1/workspaces/team-config
GET /api/v1/workspaces/{workspace_id}
GET /api/v1/workspaces/{workspace_id}/inputs
GET /api/v1/workspaces/{workspace_id}/inputs/changed
GET /callback
PATCH /api/v1/inputs/{input_id}/metadata
PATCH /api/v1/workspaces/{workspace_id}/inputs/metadata
POST /api/models/refresh
POST /api/processors/register-defaults
POST /api/processors/run
POST /api/processors/settings
POST /api/processors/{processor_id}/activate
POST /api/processors/{processor_id}/deactivate
POST /api/processors/{processor_id}/process/{input_id}
POST /api/v1/inputs/audio
POST /api/v1/inputs/file
POST /api/v1/inputs/image
POST /api/v1/inputs/text
POST /api/v1/inputs/tool
POST /api/v1/inputs/video
POST /api/v1/inputs/{input_id}/retry
POST /api/v1/inputs/{input_id}/start
POST /api/v1/inputs/{input_id}/test-extraction
POST /api/v1/migrate
POST /api/v1/migrate/workspace_cards/db
POST /api/v1/migrate/workspace_cards/s3
POST /api/v1/workspaces/{workspace_id}/inputs/audio
POST /api/v1/workspaces/{workspace_id}/inputs/file
POST /api/v1/workspaces/{workspace_id}/inputs/image
POST /api/v1/workspaces/{workspace_id}/inputs/multi-linked
POST /api/v1/workspaces/{workspace_id}/inputs/multichat/spawn
POST /api/v1/workspaces/{workspace_id}/inputs/team
POST /api/v1/workspaces/{workspace_id}/inputs/text
POST /api/v1/workspaces/{workspace_id}/inputs/tool
POST /api/v1/workspaces/{workspace_id}/inputs/video
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/propose
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/spawn
POST /api/v1/workspaces/{workspace_id}/links

Found on 2026-01-09 09:20

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43d3ae91f16c195357a9115389e9048a49a78bc951

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/processors/processing-status/{status_id}
DELETE /api/v1/workspaces/{workspace_id}/inputs/{input_id}
DELETE /api/v1/workspaces/{workspace_id}/links/by-endpoints
DELETE /api/v1/workspaces/{workspace_id}/links/{link_id}
GET /api/health
GET /api/health/detailed
GET /api/models
GET /api/processors
GET /api/processors/inputs/{input_id}/processing-status
GET /api/processors/inputs/{input_id}/processing-statuses
GET /api/processors/processing-status
GET /api/processors/{processor_id}
GET /api/tags
GET /api/tags/{tag_id}
GET /api/v1/inputs
GET /api/v1/inputs/types
GET /api/v1/inputs/{input_id}
GET /api/v1/inputs/{input_id}/content
GET /api/v1/inputs/{input_id}/download
GET /api/v1/inputs/{input_id}/extractions
GET /api/v1/inputs/{input_id}/tags
GET /api/v1/mcp-servers
GET /api/v1/mcp-servers/{server_id}
GET /api/v1/workspaces
GET /api/v1/workspaces/team-config
GET /api/v1/workspaces/{workspace_id}
GET /api/v1/workspaces/{workspace_id}/inputs
GET /api/v1/workspaces/{workspace_id}/inputs/changed
GET /callback
PATCH /api/v1/inputs/{input_id}/metadata
PATCH /api/v1/workspaces/{workspace_id}/inputs/metadata
POST /api/models/refresh
POST /api/processors/register-defaults
POST /api/processors/run
POST /api/processors/settings
POST /api/processors/{processor_id}/activate
POST /api/processors/{processor_id}/deactivate
POST /api/processors/{processor_id}/process/{input_id}
POST /api/v1/inputs/audio
POST /api/v1/inputs/file
POST /api/v1/inputs/image
POST /api/v1/inputs/text
POST /api/v1/inputs/tool
POST /api/v1/inputs/video
POST /api/v1/inputs/{input_id}/retry
POST /api/v1/inputs/{input_id}/start
POST /api/v1/inputs/{input_id}/test-extraction
POST /api/v1/migrate
POST /api/v1/migrate/workspace_cards/db
POST /api/v1/migrate/workspace_cards/s3
POST /api/v1/workspaces/{workspace_id}/inputs/audio
POST /api/v1/workspaces/{workspace_id}/inputs/file
POST /api/v1/workspaces/{workspace_id}/inputs/image
POST /api/v1/workspaces/{workspace_id}/inputs/multichat/spawn
POST /api/v1/workspaces/{workspace_id}/inputs/team
POST /api/v1/workspaces/{workspace_id}/inputs/text
POST /api/v1/workspaces/{workspace_id}/inputs/tool
POST /api/v1/workspaces/{workspace_id}/inputs/video
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/propose
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/spawn
POST /api/v1/workspaces/{workspace_id}/links

Found on 2025-12-25 03:10

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43d3ae91f16c195357a9115389e9048a4968aae55d

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/processors/processing-status/{status_id}
DELETE /api/v1/workspaces/{workspace_id}/inputs/{input_id}
DELETE /api/v1/workspaces/{workspace_id}/links/by-endpoints
DELETE /api/v1/workspaces/{workspace_id}/links/{link_id}
GET /api/health
GET /api/health/detailed
GET /api/models
GET /api/processors
GET /api/processors/inputs/{input_id}/processing-status
GET /api/processors/inputs/{input_id}/processing-statuses
GET /api/processors/processing-status
GET /api/processors/{processor_id}
GET /api/tags
GET /api/tags/{tag_id}
GET /api/v1/inputs
GET /api/v1/inputs/types
GET /api/v1/inputs/{input_id}
GET /api/v1/inputs/{input_id}/content
GET /api/v1/inputs/{input_id}/download
GET /api/v1/inputs/{input_id}/extractions
GET /api/v1/inputs/{input_id}/tags
GET /api/v1/mcp-servers
GET /api/v1/mcp-servers/{server_id}
GET /api/v1/workspaces
GET /api/v1/workspaces/team-config
GET /api/v1/workspaces/{workspace_id}
GET /api/v1/workspaces/{workspace_id}/inputs
GET /api/v1/workspaces/{workspace_id}/inputs/changed
GET /callback
PATCH /api/v1/inputs/{input_id}/metadata
PATCH /api/v1/workspaces/{workspace_id}/inputs/metadata
POST /api/models/refresh
POST /api/processors/register-defaults
POST /api/processors/run
POST /api/processors/settings
POST /api/processors/{processor_id}/activate
POST /api/processors/{processor_id}/deactivate
POST /api/processors/{processor_id}/process/{input_id}
POST /api/v1/inputs/audio
POST /api/v1/inputs/file
POST /api/v1/inputs/image
POST /api/v1/inputs/text
POST /api/v1/inputs/tool
POST /api/v1/inputs/video
POST /api/v1/inputs/{input_id}/retry
POST /api/v1/inputs/{input_id}/start
POST /api/v1/inputs/{input_id}/test-extraction
POST /api/v1/migrate
POST /api/v1/migrate/workspace_cards/db
POST /api/v1/migrate/workspace_cards/s3
POST /api/v1/workspaces/{workspace_id}/inputs/audio
POST /api/v1/workspaces/{workspace_id}/inputs/file
POST /api/v1/workspaces/{workspace_id}/inputs/image
POST /api/v1/workspaces/{workspace_id}/inputs/team
POST /api/v1/workspaces/{workspace_id}/inputs/text
POST /api/v1/workspaces/{workspace_id}/inputs/tool
POST /api/v1/workspaces/{workspace_id}/inputs/video
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/propose
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/spawn
POST /api/v1/workspaces/{workspace_id}/links

Found on 2025-12-23 06:25

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43d3ae91f16c195357a9115389e9048a4953114132

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/processors/processing-status/{status_id}
DELETE /api/v1/workspaces/{workspace_id}/inputs/{input_id}
DELETE /api/v1/workspaces/{workspace_id}/links/by-endpoints
DELETE /api/v1/workspaces/{workspace_id}/links/{link_id}
GET /api/health
GET /api/health/detailed
GET /api/models
GET /api/processors
GET /api/processors/inputs/{input_id}/processing-status
GET /api/processors/inputs/{input_id}/processing-statuses
GET /api/processors/processing-status
GET /api/processors/{processor_id}
GET /api/tags
GET /api/tags/{tag_id}
GET /api/v1/inputs
GET /api/v1/inputs/types
GET /api/v1/inputs/{input_id}
GET /api/v1/inputs/{input_id}/content
GET /api/v1/inputs/{input_id}/download
GET /api/v1/inputs/{input_id}/extractions
GET /api/v1/inputs/{input_id}/tags
GET /api/v1/mcp-servers
GET /api/v1/mcp-servers/{server_id}
GET /api/v1/workspaces
GET /api/v1/workspaces/{workspace_id}
GET /api/v1/workspaces/{workspace_id}/inputs
GET /api/v1/workspaces/{workspace_id}/inputs/changed
GET /callback
PATCH /api/v1/inputs/{input_id}/metadata
PATCH /api/v1/workspaces/{workspace_id}/inputs/metadata
POST /api/models/refresh
POST /api/processors/register-defaults
POST /api/processors/run
POST /api/processors/settings
POST /api/processors/{processor_id}/activate
POST /api/processors/{processor_id}/deactivate
POST /api/processors/{processor_id}/process/{input_id}
POST /api/v1/inputs/audio
POST /api/v1/inputs/file
POST /api/v1/inputs/image
POST /api/v1/inputs/text
POST /api/v1/inputs/tool
POST /api/v1/inputs/video
POST /api/v1/inputs/{input_id}/retry
POST /api/v1/inputs/{input_id}/start
POST /api/v1/inputs/{input_id}/test-extraction
POST /api/v1/migrate
POST /api/v1/migrate/workspace_cards/db
POST /api/v1/migrate/workspace_cards/s3
POST /api/v1/workspaces/{workspace_id}/inputs/audio
POST /api/v1/workspaces/{workspace_id}/inputs/file
POST /api/v1/workspaces/{workspace_id}/inputs/image
POST /api/v1/workspaces/{workspace_id}/inputs/team
POST /api/v1/workspaces/{workspace_id}/inputs/text
POST /api/v1/workspaces/{workspace_id}/inputs/tool
POST /api/v1/workspaces/{workspace_id}/inputs/video
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/propose
POST /api/v1/workspaces/{workspace_id}/inputs/{team_input_id}/team/spawn
POST /api/v1/workspaces/{workspace_id}/links

Found on 2025-12-21 06:21

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43d3ae91f16c195357753fc503cd0db24a0f944651

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/processors/processing-status/{status_id}
DELETE /api/v1/workspaces/{workspace_id}/inputs/{input_id}
GET /api/health
GET /api/health/detailed
GET /api/models
GET /api/processors
GET /api/processors/inputs/{input_id}/processing-status
GET /api/processors/inputs/{input_id}/processing-statuses
GET /api/processors/processing-status
GET /api/processors/{processor_id}
GET /api/tags
GET /api/tags/{tag_id}
GET /api/v1/inputs
GET /api/v1/inputs/types
GET /api/v1/inputs/{input_id}
GET /api/v1/inputs/{input_id}/content
GET /api/v1/inputs/{input_id}/download
GET /api/v1/inputs/{input_id}/extractions
GET /api/v1/inputs/{input_id}/tags
GET /api/v1/mcp-servers
GET /api/v1/mcp-servers/{server_id}
GET /api/v1/workspaces
GET /api/v1/workspaces/{workspace_id}
GET /api/v1/workspaces/{workspace_id}/inputs
GET /api/v1/workspaces/{workspace_id}/inputs/changed
GET /callback
PATCH /api/v1/inputs/{input_id}/metadata
PATCH /api/v1/workspaces/{workspace_id}/inputs/metadata
POST /api/models/refresh
POST /api/processors/register-defaults
POST /api/processors/run
POST /api/processors/settings
POST /api/processors/{processor_id}/activate
POST /api/processors/{processor_id}/deactivate
POST /api/processors/{processor_id}/process/{input_id}
POST /api/v1/inputs/audio
POST /api/v1/inputs/file
POST /api/v1/inputs/image
POST /api/v1/inputs/text
POST /api/v1/inputs/tool
POST /api/v1/inputs/video
POST /api/v1/inputs/{input_id}/retry
POST /api/v1/inputs/{input_id}/start
POST /api/v1/inputs/{input_id}/test-extraction
POST /api/v1/migrate
POST /api/v1/migrate/workspace_cards/db
POST /api/v1/migrate/workspace_cards/s3
POST /api/v1/workspaces/{workspace_id}/inputs/audio
POST /api/v1/workspaces/{workspace_id}/inputs/file
POST /api/v1/workspaces/{workspace_id}/inputs/image
POST /api/v1/workspaces/{workspace_id}/inputs/text
POST /api/v1/workspaces/{workspace_id}/inputs/tool
POST /api/v1/workspaces/{workspace_id}/inputs/video

Found on 2025-12-19 07:09

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: paywall.paperview-services.com
Port: 443
URL: https://paywall.paperview-services.com

First seen 2025-11-23 04:11
Last seen 2026-01-09 09:19
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 09:19
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 76.223.11.49
Domain: formalist.srfdigital.ch
Port: 443
URL: https://formalist.srfdigital.ch/_profiler/empty/search/results

First seen 2025-09-19 01:27
Last seen 2026-01-09 09:09
Open for 112 days
- Fingerprint: 407cf4363b0e62fafca67e07cfd1ae84cfd1ae84cfd1ae84cfd1ae84cfd1ae84
```
Symfony profiler enabled:
https://formalist.srfdigital.ch/_profiler/empty/search/results
```
  Found on 2026-01-09 09:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.wihuntiz.com
Port: 443
URL: https://api.wihuntiz.com

First seen 2025-10-28 00:29
Last seen 2026-01-09 08:49
Open for 73 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 08:49
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.wihuntiz.com
Port: 80
URL: http://api.wihuntiz.com

First seen 2025-10-28 00:29
Last seen 2026-01-09 08:49
Open for 73 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 08:49
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: bokslink-api.boks.app
Port: 80
URL: http://bokslink-api.boks.app

First seen 2025-10-21 01:10
Last seen 2026-01-09 08:36
Open for 80 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495dcf96021d090d403dc8079fd32fc6e13295f002

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/click-and-collect/pre-bookings/{preBookingId}
DELETE /api/sites/{siteId}/configurations/{key}
GET /api/boks
GET /api/boks/single
GET /api/boks/{boksId}
GET /api/boks/{boksId}/keyboard-code
GET /api/click-and-collect/locate
GET /api/click-and-collect/pre-bookings
GET /api/parcel-deliveries
GET /api/parcel-deliveries/canceled
GET /api/parcel-deliveries/retrieved
GET /api/pcbs/single
GET /api/sites/group-names
GET /api/sites/{siteId}
GET /api/user-boks-associations
GET /api/users
GET /api/users/{userId}
POST /api/boks/disassemble
POST /api/click-and-collect/carrier-loadings/{operationId}/drop
POST /api/meta-sites
POST /api/parcel-deliveries/click-and-collect/carrier-loading-operations
POST /api/parcel-deliveries/retrieve
POST /api/parcel-deliveries/{parcelDeliveryId}/cancel
POST /api/parcel-deliveries/{parcelDeliveryId}/deliver
POST /api/parcel-deliveries/{parcelDeliveryId}/drop
POST /api/parcel-deliveries/{parcelDeliveryId}/retrieve
POST /api/remote-ble-deliveries
POST /api/sites
POST /api/sites/{siteId}/configurations
POST /api/sites/{siteId}/manager-invitations
POST /api/support-tickets
POST /api/support-tickets/{supportTicketId}/maintenance-actions
POST /api/support-tickets/{supportTicketId}/return-actions
POST /api/support-tickets/{supportTicketId}/shipping-actions
POST /your-configured-webhook-path-on-your-server-for-cell-loading
POST /your-configured-webhook-path-on-your-server-for-cell-retrieved
PUT /api/parcel-deliveries/{parcelDeliveryId}
PUT /api/user-boks-associations/{userBoksAssociationId}

Found on 2026-01-09 08:36

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-11-12 15:42

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: planification-dev.lps.nc
Port: 443
URL: https://planification-dev.lps.nc

First seen 2025-12-04 00:55
Last seen 2026-01-09 08:15
Open for 36 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 08:15
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: beta-api.thrive3sixtyintl.com
Port: 443
URL: https://beta-api.thrive3sixtyintl.com

First seen 2025-10-20 00:27
Last seen 2026-01-09 08:02
Open for 81 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e58d9f8921293e3bdd45410f4d0e520cf30ce369f9

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/todo/occurrence/{occurrenceId}
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dashboard/affirmation
GET /api/v1/dashboard/current/todo
GET /api/v1/dashboard/info/todo
GET /api/v1/dashboard/priorities
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo
GET /api/v1/todo/archived
GET /api/v1/todo/automated
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/history
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/close
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit
PUT /api/v1/todo/{todoId}

Found on 2026-01-09 08:02

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e58d9f8921293e3bdd45410f4d0e520cf3ac3a5b7a

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/todo/occurrence/{occurrenceId}
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo
GET /api/v1/todo/archived
GET /api/v1/todo/automated
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/history
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/close
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit
PUT /api/v1/todo/{todoId}

Found on 2025-12-20 17:52

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5c9dd838854d106741dc9e4d4fa07ccf8fc566e9c

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/todo/{todoId}
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/history
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/close
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-12-06 06:20

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca3991542bb85202

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/push-notification
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-30 19:50

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca399154bfa32b66

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/short-term
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-28 15:56

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e399943ac7ffca39915433caf38e

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/appointments
GET /api/v1/addons/appointments/check-clashes
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/monthly-theme
GET /api/v1/addons/monthly-theme/all
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/appointments/{appointmentId}
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-10 04:47

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e556d42d21c3b9e3993fa04fc1f2fd1e2bf3ddeae9

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/anchor-verses
GET /api/v1/addons/anchor-verses/all
GET /api/v1/addons/check-daily-gratitude
GET /api/v1/addons/daily-affirmation
GET /api/v1/addons/daily-affirmations
GET /api/v1/addons/daily-gratitude
GET /api/v1/addons/dream-crystallisation
GET /api/v1/addons/habit-tracker
GET /api/v1/addons/inspired-thoughts
GET /api/v1/addons/notes
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/activate-daily-gratitude
POST /api/v1/addons/daily-affirmation/{affirmationId}/activate
POST /api/v1/addons/daily-affirmation/{affirmationId}/deactivate
POST /api/v1/addons/deactivate-daily-gratitude
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/activate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/deactivate
POST /api/v1/addons/dream-crystallisation/{crystallisationId}/recite
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/addons/daily-affirmation/{affirmationId}
PUT /api/v1/addons/dream-crystallisation/{crystallisationId}
PUT /api/v1/todo/category/edit

Found on 2025-11-08 03:21

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5a57e1f3ee36c86c29a07c9776f6efbe4774853fc

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/v1/addons/habit-tracker
GET /api/v1/auth/thrive/user/phone-number-regions
GET /api/v1/auth/thrive/user/settings
GET /api/v1/dreams/
GET /api/v1/goals
GET /api/v1/goals/{goalId}
GET /api/v1/priorities
GET /api/v1/priorities/all
GET /api/v1/reviews
GET /api/v1/reviews/{reviewId}
GET /api/v1/todo/category/all
GET /api/v1/todo/category/{categoryId}
GET /api/v1/todo/occurrence
GET /api/v1/vision
GET /api/v1/vision/archived
GET /api/v1/vision/notes
POST /api/v1/addons/habit-tracker/{habitTrackerId}/complete
POST /api/v1/auth/forgot-password
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/refresh-token
POST /api/v1/auth/set-password
POST /api/v1/auth/thrive/user/create
POST /api/v1/auth/verify-account
POST /api/v1/auth/verify-token
POST /api/v1/auth/{username}/resend-token
POST /api/v1/dreams/complete
POST /api/v1/dreams/edit/{dreamInfoId}
POST /api/v1/dreams/notes/{dreamInfoId}
POST /api/v1/goals/close/{goalId}
POST /api/v1/priorities/bulk
POST /api/v1/priorities/complete/{priorityId}
POST /api/v1/reviews/annual
POST /api/v1/reviews/monthly
POST /api/v1/reviews/quarterly
POST /api/v1/reviews/weekly
POST /api/v1/todo
POST /api/v1/todo/category
POST /api/v1/todo/complete
POST /api/v1/vision/review/{visionId}
POST /api/v1/vision/{visionId}/edit
PUT /api/v1/todo/category/edit

Found on 2025-11-06 06:48

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.wrongsecrets.com
Port: 80
URL: http://www.wrongsecrets.com

First seen 2025-12-07 01:15
Last seen 2026-01-09 07:55
Open for 33 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 07:55
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: webaudit-api.cleverphant.com
Port: 80
URL: http://webaudit-api.cleverphant.com

First seen 2025-11-22 01:54
Last seen 2026-01-09 07:41
Open for 48 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5c4ac7d1589ca10e60dc4b541557e196a41d39167
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/schools/{id}
GET /api/v1/audit/news
GET /api/v1/audit/page/{id}
GET /api/v1/audit/{id}
GET /api/v1/audit/{id}/async
GET /api/v1/audit/{id}/details
GET /api/v1/audit/{id}/details/pdf
GET /api/v1/audit/{id}/pdf
GET /api/v1/documents/parse/task/{id}
GET /api/v1/schools
POST /api/v1/documents/parse/async
POST /api/v1/documents/parse/prompts
POST /api/v1/documents/parse/sync
```
  Found on 2026-01-09 07:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: opplevelser-api-stage.vilmer.no
Port: 80
URL: http://opplevelser-api-stage.vilmer.no

First seen 2025-12-08 00:51
Last seen 2026-01-09 07:36
Open for 32 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 07:36
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.staging.gocore.gg
Port: 443
URL: https://api.staging.gocore.gg

First seen 2025-11-15 00:50
Last seen 2026-01-09 06:44
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6006cde513cfebdf72fb36fb0daa678bcd5d625e14

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/BackOfficeCommon/dashboard
GET /api/BackOfficeGocoreCustomers
GET /api/BackOfficePickemTournamentRewards
GET /api/BackOfficePickemTournaments
GET /api/BackOfficePickemTournaments/{id}
GET /api/BackOfficePickems
GET /api/BackOfficePickems/matches
GET /api/BackOfficePickems/{id}
GET /api/BackOfficePlayers
GET /api/BackOfficePlayers/player-pickems
GET /api/BackOfficeTips
GET /api/BackOfficeTips/{id}
GET /api/BackOfficeTipsters
GET /api/BackOfficeTipsters/id
GET /api/BackOfficeUsers
GET /api/BackOfficeUsers/current-user-detail
GET /api/BackOfficeUsers/fulltext
GET /api/BackOfficeUsers/roles
GET /api/BackOfficeUsers/{id}
GET /api/Matches/match
GET /api/Matches/matches
GET /api/Matches/matches-calendar
GET /api/PandaScore/all-matches
GET /api/Pickems/current-player/all
GET /api/Pickems/current-player/betable
GET /api/Pickems/current-player/history
GET /api/Pickems/player-leaderboards
GET /api/Pickems/player-results
GET /api/Pickems/player-tournament-leaderboards
GET /api/Players
GET /api/Rss/dota-buff
GET /api/Rss/feed
GET /api/Rss/hltv
GET /api/Tips
GET /api/Tips/fulltext
GET /api/Tips/slug/{slug}
GET /api/Tips/slugs
GET /api/Tips/tip-of-day
GET /api/Tips/{id}
GET /api/Tipster/leaderboard
POST /api/BackOfficePickems/create-pickem
POST /api/BackOfficePickems/create-pickems
POST /api/BackOfficePickems/revalidate-pickem
POST /api/Players/email-confirmation
POST /api/Players/send-email-confirmation
POST /api/Users/reset
POST /api/Users/reset-token
PUT /api/BackOfficePickemTournaments/{tournamentId}
PUT /api/BackOfficePickems/adjust-admin-pickems
PUT /api/BackOfficePickems/adjust-bet-pickem
PUT /api/BackOfficePickems/admin-bet-pickem
PUT /api/BackOfficePickems/{pickemId}
PUT /api/BackOfficeTips/admin
PUT /api/BackOfficeUsers/current-user-change-detail
PUT /api/BackOfficeUsers/{id}/lock
PUT /api/BackOfficeUsers/{id}/unlock
PUT /api/Pickems/bet
PUT /api/Pickems/bets
PUT /api/Users/change-password

Found on 2026-01-09 06:44

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: fs.casting42.com
Port: 443
URL: https://fs.casting42.com

First seen 2025-10-29 00:38
Last seen 2026-01-09 06:34
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43869028cbd1ea91a74d48b993cd85f1cb12a033d5
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /company
GET /company/logo
GET /settings/fields
GET /settings/lists
GET /settings/skills
GET /talents
GET /talents/new-talents
GET /talents/photos/{talent-tag}/{photo-size}
PATCH /talents/update
POST /auth
POST /talents/create
POST /talents/find
POST /talents/upload-photo
```
  Found on 2026-01-09 06:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dev-api.artodo.io
Port: 443
URL: https://dev-api.artodo.io

First seen 2025-12-05 21:03
Last seen 2026-01-09 06:09
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 06:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.yyuacildurum.com
Port: 443
URL: https://www.yyuacildurum.com

First seen 2025-12-05 05:23
Last seen 2026-01-09 05:34
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e54457313b2bd13cbc17ed3a2f5a28872a0908e52e
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/auth/deleteuser
GET /api/v1/auth/filter
GET /api/v1/auth/records
GET /forms/beyazdata/{recordId}
GET /forms/kirmizidata/{recordId}
GET /forms/mavidata/{recordId}
GET /forms/pembedata/{recordId}
PATCH /api/v1/users
POST /api/v1/auth/authenticate
POST /api/v1/auth/authenticateflutter
POST /api/v1/auth/registerm
```
  Found on 2026-01-09 05:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: repository.phywe.com
Port: 443
URL: https://repository.phywe.com

First seen 2025-11-14 00:04
Last seen 2026-01-09 05:11
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: carrefour-realizasyon.triomobil.com
Port: 80
URL: http://carrefour-realizasyon.triomobil.com

First seen 2025-10-16 00:58
Last seen 2026-01-09 05:09
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035491aafb93f77a72431bc4350373837716d5b2bbd8c
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /alarmEmailAddress
GET /excelExportSensorHistory
GET /excelExportSensorHistoryLastDepot
GET /excelExportTemperatureSensorHistory
GET /excelExportVehicles
GET /plansWithSensorAndLastDepot
GET /routePlanReport
GET /sensorHistory
GET /sensorHistoryLastDepot
GET /telematikVehicles
GET /temperatureSensorHistory
POST /ReSendPlansOrtec
POST /excelExportRealization
POST /excelExportSensorAlarms
POST /excelExportTemperatureSensorAlarms
POST /login
POST /reSendAllStepOrtec
POST /reSendStepOrtec
POST /wsdl
PUT /alarmEmailAddress/{id}
```
  Found on 2026-01-09 05:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: log-insights.triomobil.com
Port: 443
URL: https://log-insights.triomobil.com

First seen 2025-10-19 21:55
Last seen 2026-01-09 04:31
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354919b7edf0ba8daa07fbe96ca9fbe96ca9fbe96ca9
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /filterLogEvent
GET /logGroups
POST /login
```
  Found on 2026-01-09 04:31
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.chainzsolutions.com
Port: 80
URL: http://api.chainzsolutions.com

First seen 2025-11-16 00:00
Last seen 2026-01-09 04:25
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 04:25
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: app.termedisirmione.com
Port: 80
URL: http://app.termedisirmione.com

First seen 2025-11-14 01:34
Last seen 2026-01-09 04:25
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 04:25
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: spark-whitelist-sandbox.tibaparking.net
Port: 80
URL: http://spark-whitelist-sandbox.tibaparking.net

First seen 2025-11-27 01:18
Last seen 2026-01-09 04:22
Open for 43 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549fbe044dda28986cd8c28ff6f0ba49ef3369c19d3
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/credential/verify/{credentialValue}
GET /api/credential/{credentialValue}
GET /api/lpr/verify/{lprValue}
GET /api/lpr/{lprValue}
POST /api/credential
POST /api/credential/sync
POST /api/lpr
POST /api/lpr/sync
```
  Found on 2026-01-09 04:22
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dev.api.backoffice.hotlens.com
Port: 80
URL: http://dev.api.backoffice.hotlens.com

First seen 2025-10-19 01:29
Last seen 2026-01-09 04:03
Open for 82 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549e1b57d3fd8842e098dd0f579f1dd61fd702085ea
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Logs/changes-fulltext
GET /api/Logs/messaging
GET /api/Users/backoffice
GET /api/Users/backoffice/current-user-detail
GET /api/Users/backoffice/fulltext
GET /api/Users/backoffice/roles
GET /api/Users/backoffice/{id}
HEAD /api/Logs/health-check
HEAD /api/Users/backoffice/health-check
POST /api/Users/backoffice/reset
POST /api/Users/backoffice/reset-token
PUT /api/Users/backoffice/current-user-change-detail
PUT /api/Users/backoffice/current-user-change-password
PUT /api/Users/backoffice/{id}/lock
PUT /api/Users/backoffice/{id}/unlock
```
  Found on 2026-01-09 04:03
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.novalytica.com
Port: 80
URL: http://api.novalytica.com

First seen 2025-10-18 00:26
Last seen 2026-01-09 02:23
Open for 83 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff432b6bf1d6cad4cbc9a35ed5632f1fbe8551d2ebe2
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /address
GET /apartment/{egid}
GET /apartment/{egid}/{edid}
GET /apartment/{egid}/{edid}/{ewid}
GET /around-me
GET /building/{egid}
GET /building/{egid}/apartments
GET /building/{egid}/entries
GET /buildings
GET /buildings/{egrid}
GET /entry/{egid}
GET /entry/{egid}/{edid}
GET /features/{feature_name}
GET /landplot/{egrid}
GET /landplot/{egrid}/buildings
GET /listing/full/{id}
GET /listing/{id}
GET /listings
GET /listings/full
GET /microlocation
GET /tokens
GET /users
GET /users/{username}
POST /users/change-password
```
  Found on 2026-01-09 02:23
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.wmpeditions.com
Port: 443
URL: https://www.wmpeditions.com

First seen 2025-11-10 00:32
Last seen 2026-01-09 01:10
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 01:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: conversor-server.biglelegal.com
Port: 443
URL: https://conversor-server.biglelegal.com

First seen 2025-11-17 00:26
Last seen 2026-01-09 01:06
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 01:06
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: app.dryklin.com
Port: 80
URL: http://app.dryklin.com

First seen 2025-10-19 00:49
Last seen 2026-01-08 23:40
Open for 81 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b51d51f2c6e85ed1225dfb559ea4846bae8d070d3

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/v1/auth/delete
DELETE /api/v1/{customerId}/delete-location
GET /
GET /api/agents/get-all
GET /api/item-types/get-all
GET /api/item-types/get-by-service-type
GET /api/item-types/{id}
GET /api/referrals/bonus-history/{referrerId}
GET /api/referrals/count/{code}
GET /api/referrals/guest/{email}
GET /api/referrals/total-bonus/{referrerId}
GET /api/referrals/user/{userId}
GET /api/service-partners/get-all
GET /api/service-types/get-all
GET /api/service-types/{id}
GET /api/user-stats/cancelled-orders
GET /api/user-stats/completed-orders
GET /api/user-stats/monthly-logins
GET /api/user-stats/new-users-per-month
GET /api/user-stats/orders-placed-per-month
GET /api/user-stats/profile-updates-per-month
GET /api/v1/auth/email
GET /api/v1/auth/get-all-subadmins
GET /api/v1/auth/get-all-users
GET /api/v1/auth/get-registration-level
GET /api/v1/auth/get-user
GET /api/v1/auth/username/{username}
GET /api/v1/auth/{id}
GET /api/v1/in-app-notifications/get-all/{userId}
GET /api/v1/laundry/get-all-orders
GET /api/v1/laundry/my-order-history
GET /api/v1/laundry/my-pending-orders
GET /api/v1/laundry/quick-pickup/all-orders
GET /api/v1/laundry/quick-pickup/orders-by-status/{status}
GET /api/v1/{customerId}/get-locations
GET /dashboard/get-account-details
GET /dashboard/get-wallet-details
GET /dashboard/get-wallet-details-by-id
PATCH /api/v1/{customerId}/location
POST /api/agents/add
POST /api/item-types/addItem
POST /api/notifications/send-test
POST /api/referrals/generate/guest
POST /api/referrals/generate/user/{userId}
POST /api/referrals/use
POST /api/service-partners/add
POST /api/service-types/add-service-type
POST /api/v1/auth/admin/register
POST /api/v1/auth/create
POST /api/v1/auth/create-subadmin
POST /api/v1/auth/filter
POST /api/v1/auth/initiate-password-reset
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/register
POST /api/v1/auth/reset-password
POST /api/v1/auth/resetTransactionPin
POST /api/v1/auth/save-username
POST /api/v1/auth/send-otp
POST /api/v1/auth/subadmins/deactivate
POST /api/v1/auth/subadmins/suspend
POST /api/v1/auth/upload-document
POST /api/v1/auth/upload-image
POST /api/v1/auth/upload-to-cloudinary
POST /api/v1/auth/validate-otp
POST /api/v1/auth/validate-transaction-pin
POST /api/v1/checkout-laundry-order
POST /api/v1/fcm/token
POST /api/v1/laundry/place-order
POST /api/v1/laundry/place-quick-pick-up-order
POST /api/v1/laundry/quick-pickup/calculate-bill
POST /api/v1/laundry/quick-pickup/confirm-pickup
POST /api/v1/laundry/quick-pickup/notify-customer/{orderId}
POST /api/v1/ledger/get
POST /api/v1/ledger/get-csv
POST /api/v1/ledger/get-excel
POST /api/v1/notifications/test-welcome
POST /dashboard/get-transaction-history
POST /payment/bill/initialize-payment
POST /payment/bill/verify-transaction
POST /payment/debit-wallet-complete-order
POST /payment/fund-wallet-with-card
POST /payment/webhook
PUT /api/v1/auth/{customerId}
PUT /api/v1/auth/{userId}/deactivate
PUT /api/v1/auth/{userId}/suspend
PUT /api/v1/in-app-notifications/markAsRead/{id}/{userId}
PUT /api/v1/laundry/cancel-order/{orderId}
PUT /api/v1/laundry/complete-order/{orderId}
PUT /api/v1/laundry/confirm-order/{orderId}
PUT /api/v1/laundry/quick-pickup/mark-at-facility/{orderId}
PUT /api/v1/{customerId}/add-location

Found on 2026-01-08 23:40

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: formation.widget-api.local.fr
Port: 80
URL: http://formation.widget-api.local.fr

First seen 2025-10-28 22:26
Last seen 2026-01-08 23:30
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-08 23:30
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-dev.delivast.co.za
Port: 443
URL: https://api-dev.delivast.co.za

First seen 2025-10-14 04:40
Last seen 2026-01-08 23:13
Open for 86 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-08 23:13
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: server.pp.viabeez.com
Port: 80
URL: http://server.pp.viabeez.com

First seen 2025-10-28 01:00
Last seen 2026-01-08 22:34
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-08 22:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.pokerbunch.com
Port: 443
URL: https://api.pokerbunch.com

First seen 2025-11-23 01:21
Last seen 2026-01-08 22:25
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-08 22:25
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: preprod-bokslink-api.boks.app
Port: 80
URL: http://preprod-bokslink-api.boks.app

First seen 2025-10-20 01:07
Last seen 2026-01-08 22:12
Open for 80 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495dcf96021d090d403dc8079fd32fc6e13295f002

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/click-and-collect/pre-bookings/{preBookingId}
DELETE /api/sites/{siteId}/configurations/{key}
GET /api/boks
GET /api/boks/single
GET /api/boks/{boksId}
GET /api/boks/{boksId}/keyboard-code
GET /api/click-and-collect/locate
GET /api/click-and-collect/pre-bookings
GET /api/parcel-deliveries
GET /api/parcel-deliveries/canceled
GET /api/parcel-deliveries/retrieved
GET /api/pcbs/single
GET /api/sites/group-names
GET /api/sites/{siteId}
GET /api/user-boks-associations
GET /api/users
GET /api/users/{userId}
POST /api/boks/disassemble
POST /api/click-and-collect/carrier-loadings/{operationId}/drop
POST /api/meta-sites
POST /api/parcel-deliveries/click-and-collect/carrier-loading-operations
POST /api/parcel-deliveries/retrieve
POST /api/parcel-deliveries/{parcelDeliveryId}/cancel
POST /api/parcel-deliveries/{parcelDeliveryId}/deliver
POST /api/parcel-deliveries/{parcelDeliveryId}/drop
POST /api/parcel-deliveries/{parcelDeliveryId}/retrieve
POST /api/remote-ble-deliveries
POST /api/sites
POST /api/sites/{siteId}/configurations
POST /api/sites/{siteId}/manager-invitations
POST /api/support-tickets
POST /api/support-tickets/{supportTicketId}/maintenance-actions
POST /api/support-tickets/{supportTicketId}/return-actions
POST /api/support-tickets/{supportTicketId}/shipping-actions
POST /your-configured-webhook-path-on-your-server-for-cell-loading
POST /your-configured-webhook-path-on-your-server-for-cell-retrieved
PUT /api/parcel-deliveries/{parcelDeliveryId}
PUT /api/user-boks-associations/{userBoksAssociationId}

Found on 2026-01-08 22:12

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: evobot.myfunc.io
Port: 80
URL: http://evobot.myfunc.io

First seen 2025-11-03 01:18
Last seen 2026-01-08 20:39
Open for 66 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035494046a9d18aebeda059a9c3714290f54fcc9db69f
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /legacy/kick/channel/{channelName}
GET /partner-api/channel/info
GET /partner-api/channel/status
GET /partner-api/viewer/balance
GET /partner-api/viewer/info
POST /partner-api/channel/give
POST /partner-api/channel/message/send
POST /partner-api/connection
POST /partner-api/viewer/balance/add
POST /partner-api/viewer/balance/sub
POST /partner-api/viewer/reset-balances
```
  Found on 2026-01-08 20:39
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: dmcp.vivin.app
Port: 443
URL: https://dmcp.vivin.app

First seen 2025-11-21 05:23
Last seen 2026-01-08 20:32
Open for 48 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43714a58ce1b81d097b49def6bdb8958f86cde37ff
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /
GET /.well-known/oauth-protected-resource
GET /.well-known/openid-configuration
GET /health
GET /mcp
POST /mcp/messages
```
  Found on 2026-01-08 20:32
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-v2.chainzsolutions.com
Port: 80
URL: http://api-v2.chainzsolutions.com

First seen 2025-11-01 06:47
Last seen 2026-01-08 19:22
Open for 68 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-08 19:22
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: display.e-coucou.com
Port: 80
URL: http://display.e-coucou.com

First seen 2025-09-06 01:25
Last seen 2026-01-05 01:30
Open for 121 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0fd02d66879a538a8abbe46778bbe46778
```
Found 3 files trough .DS_Store spidering:

/css
/data
/js
```
  Found on 2026-01-05 01:30
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: platform.femaleinai.com
Port: 443
URL: https://platform.femaleinai.com

First seen 2025-07-07 14:52
Last seen 2026-01-05 00:30
Open for 181 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d516b4a56516b4a56516b4a56516b4a56
```
Found 1 files trough .DS_Store spidering:

/fonts
```
  Found on 2026-01-05 00:30
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.leasingberegner.com
Port: 443
URL: https://www.leasingberegner.com

First seen 2025-10-31 00:10
Last seen 2026-01-04 05:51
Open for 65 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39fe05c1b5f1181593f8150e32795df9ff72fc9cb
```
GraphQL introspection enabled at /graphql
Types: 31 (by kind: ENUM: 2, OBJECT: 24, SCALAR: 5)
Operations:
- Query: Query | fields: brand, company, me
- Mutation: Mutation | fields: activateUser, changePassword, createOffer, createToken, refreshToken
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-04 05:51
  
  38.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brfbokenmalmo.cpms46.se
Port: 443
URL: https://brfbokenmalmo.cpms46.se

First seen 2025-11-11 06:54
Last seen 2026-01-04 05:33
Open for 53 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-04 05:33
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: swimkiddo.cz
Port: 80
URL: http://swimkiddo.cz

First seen 2025-11-18 20:34
Last seen 2026-01-03 21:10
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3504af1f44d310a1eefed1e11ea2cac38f46dca2214

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 3, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 28, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUserLanguage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 21:10

59.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027ce5e245f8575a8f9122be337d84978b1823dd8

GraphQL introspection enabled at /api
Types: 110 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-18 12:29

57.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3505eea81318fb65f335b05dcfeb704cc51873a1c6d

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-16 10:55

57.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dbdd11618948e1a3729ac8ee86968a411d6ecbdd

GraphQL introspection enabled at /api
Types: 108 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 25, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-12 12:14

55.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11af48710dc778673a45ee00904

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: courseProgress, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-08 14:48

45.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11a00563df6f79eff2675fded82

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-18 20:34

45.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: keeper.space
Port: 443
URL: https://keeper.space

First seen 2025-10-22 16:17
Last seen 2026-01-03 01:05
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dc3f3add607e4ebf4c1f8237ed824744f0fba1be

GraphQL introspection enabled at /api
Types: 69 (by kind: ENUM: 6, INPUT_OBJECT: 16, OBJECT: 39, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: accounts, calculateCost, calculateItemisedCost, currentBooking, currentOrganisations
- Mutation: RootMutationType | fields: createAccount, createAvailability, createBooking, createExtra, createPaymentIntent
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-03 01:05

113.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35012ec146f8ca75f3d96f610ddcdd11dda6b44e76c

GraphQL introspection enabled at /api
Types: 68 (by kind: ENUM: 5, INPUT_OBJECT: 16, OBJECT: 39, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: calculateCost, calculateItemisedCost, currentBooking, currentOrganisations, currentUser
- Mutation: RootMutationType | fields: createAccount, createAvailability, createBooking, createExtra, createPaymentIntent
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-08 18:58

113.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.infoticker.ch
Port: 443
URL: https://www.infoticker.ch

First seen 2025-11-08 00:23
Last seen 2026-01-03 01:02
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-03 01:02
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: apollo.weweb.app
Port: 443
URL: https://apollo.weweb.app

First seen 2025-11-10 01:01
Last seen 2026-01-03 00:52
Open for 53 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa30d8e9b11d43964d3d38109894c28d2dca98c0290
```
GraphQL introspection enabled at /graphql
Types: 78 (by kind: ENUM: 3, OBJECT: 68, SCALAR: 7)
Operations:
- Query: Query | fields: _empty, getCollection, getCollectionAccess, getPublicCollections, getUserCollections
- Mutation: Mutation | fields: _empty, createCollection, createFrontVersion, createManagerVersion, updateCollection
Directives: cacheControl, deprecated, include, skip (total: 4)
```
  Found on 2026-01-03 00:52
  
  160.8 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: obchod.stokrle.cz
Port: 80
URL: http://obchod.stokrle.cz

First seen 2025-10-19 22:29
Last seen 2026-01-03 00:32
Open for 75 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595689292b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1243
orders (args: optional/default) : totalCount=1332
returns (args: optional/default) : totalCount=54
orderCounts (args: none) : pendingCount=5 readyCount=3

Found on 2026-01-03 00:32

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59534cb3718

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1233
orders (args: optional/default) : totalCount=1318
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=1

Found on 2025-12-27 07:16

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59565cb1775

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1232
orders (args: optional/default) : totalCount=1317
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=0

Found on 2025-12-25 07:53

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ed97c5be

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1227
orders (args: optional/default) : totalCount=1311
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=5 readyCount=0

Found on 2025-12-21 04:20

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59529391304

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1212
orders (args: optional/default) : totalCount=1296
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=6

Found on 2025-12-19 04:29

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59521f245bb

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1194
orders (args: optional/default) : totalCount=1273
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=5

Found on 2025-12-17 00:12

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953d153e1f

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1162
orders (args: optional/default) : totalCount=1232
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=10

Found on 2025-12-13 19:53

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc2a27d7

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1139
orders (args: optional/default) : totalCount=1206
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=11 readyCount=12

Found on 2025-12-11 14:19

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595effd073d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1049
orders (args: optional/default) : totalCount=1102
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=5 readyCount=5

Found on 2025-12-01 20:23

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59554845a8b

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1035
orders (args: optional/default) : totalCount=1086
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=3

Found on 2025-11-29 13:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59585e8f95c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1029
orders (args: optional/default) : totalCount=1080
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=4

Found on 2025-11-27 12:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9e5ab79

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=20 pendingCount=2

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595c1b2ce33

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=20

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595866240c3

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1011
orders (args: optional/default) : totalCount=1076
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=14 pendingCount=2

Found on 2025-11-23 12:26

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5950de65e0a

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1000
orders (args: optional/default) : totalCount=1064
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=7

Found on 2025-11-21 12:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595e68648c5

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=987
orders (args: optional/default) : totalCount=1049
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=7

Found on 2025-11-16 18:43

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953a7768b2

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=981
orders (args: optional/default) : totalCount=1043
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-14 21:55

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59548893766

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=973
orders (args: optional/default) : totalCount=1034
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=11

Found on 2025-11-12 19:43

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc23607d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=967
orders (args: optional/default) : totalCount=1025
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=4

Found on 2025-11-10 15:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc179252

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=962
orders (args: optional/default) : totalCount=1020
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=5

Found on 2025-11-08 13:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59557758efe

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=958
orders (args: optional/default) : totalCount=1016
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-07 00:25

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5958d91a35c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=954
orders (args: optional/default) : totalCount=1012
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-04 21:04

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59548c0df42

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=952
orders (args: optional/default) : totalCount=1010
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-02 23:06

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595dfca50a5

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=950
orders (args: optional/default) : totalCount=1008
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-01 15:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5956f3571b4

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=943
orders (args: optional/default) : totalCount=1001
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-28 16:35

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595eff96d38

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=999
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=3 pendingCount=2

Found on 2025-10-26 10:16

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fb80c7b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=998
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-24 06:39

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59579b1d7a8

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=939
orders (args: optional/default) : totalCount=994
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-22 07:05

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ee629943

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=8 pendingCount=3

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9ecd561

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=8

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: eat2.emenunow.com
Port: 443
URL: https://eat2.emenunow.com

First seen 2025-07-06 00:13
Last seen 2026-01-03 00:17
Open for 181 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe56ccd0a90f16b30a2f
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/assets
/background
/bell.mp3
/favicon.ico
/fonts
/robots.txt
```
  Found on 2026-01-03 00:17
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.b2design.pt
Port: 443
URL: https://www.b2design.pt

First seen 2022-09-19 19:43
Last seen 2026-01-03 00:07
Open for 1201 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642d00b80a50469be720469be720469be72
```
Found 2 files trough .DS_Store spidering:

/packs
/uploads
```
  Found on 2026-01-03 00:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d29c9543a29c9543a29c9543a29c9543a
```
Found 1 files trough .DS_Store spidering:

/uploads
```
  Found on 2024-12-26 15:49
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.intergasxpert.nl
Port: 443
URL: https://staging.api.intergasxpert.nl

First seen 2025-11-15 00:00
Last seen 2026-01-03 00:05
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa390791a358f929cb7685db2d13acaeabce5cb7398

GraphQL introspection enabled at /graphql
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2026-01-03 00:05

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e41399e61e08b8968a0c3716da7567af6bda3693

GraphQL introspection enabled at /graphql
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-01 09:37

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3500cd15bf189b6d97367b45775da774028f2f4a9b4

GraphQL introspection enabled at /api
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-11-15 00:00

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-15 00:00

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: admin.youcare.app
Port: 80
URL: http://admin.youcare.app

First seen 2025-12-09 00:12
Last seen 2026-01-02 23:57
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b6fdd1eea760b11ef9c5b992638fb25cf34122ac

GraphQL introspection enabled at /graphql
Types: 376 (by kind: ENUM: 16, INPUT_OBJECT: 138, OBJECT: 185, SCALAR: 23, UNION: 14)
Operations:
- Query: Query | fields: i18NLocale, i18NLocales_connection, uploadFile, uploadFiles, uploadFiles_connection
- Mutation: Mutation | fields: createReviewWorkflowsWorkflow, createReviewWorkflowsWorkflowStage, deleteReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflowStage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 23:57

641.2 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: test.api.intergasxpert.nl
Port: 443
URL: https://test.api.intergasxpert.nl

First seen 2025-12-02 00:52
Last seen 2026-01-02 23:38
Open for 31 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa390791a358f929cb7685db2d13acaeabce5cb7398

GraphQL introspection enabled at /graphql
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2026-01-02 23:38

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350b2f9387ac031512a87f20fe29145a9433ed33d47

GraphQL introspection enabled at /api
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-05 00:00

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-05 00:00

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e41399e61e08b8968a0c3716da7567af6bda3693

GraphQL introspection enabled at /graphql
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-02 00:52

262.9 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.kinobeiz.ch
Port: 443
URL: https://www.kinobeiz.ch

First seen 2025-03-03 00:02
Last seen 2026-01-02 23:35
Open for 305 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d55ae152455ae152455ae152455ae1524
```
Found 1 files trough .DS_Store spidering:

/_app
```
  Found on 2026-01-02 23:35
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: clubhouse.rorypicko.com
Port: 443
URL: https://clubhouse.rorypicko.com

First seen 2025-11-24 04:25
Last seen 2026-01-02 23:18
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dc8140940c46f858cabfa265d0db5cc46b5a52bc
```
GraphQL introspection enabled at /graphql
Types: 284 (by kind: ENUM: 4, INPUT_OBJECT: 54, OBJECT: 214, SCALAR: 11, UNION: 1)
Operations:
- Query: Query | fields: game, games, gamesConnection, groupCode, groupCodes
- Mutation: Mutation | fields: createGame, createGroupCode, deleteGame, updateGame, updateGroupCode
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 23:18
  
  233.6 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: get.duocards.com
Port: 80
URL: http://get.duocards.com

First seen 2025-11-01 06:48
Last seen 2026-01-02 23:18
Open for 62 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 23:18

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-13 03:31

166.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.hubbo.io
Port: 443
URL: https://api.hubbo.io

First seen 2025-11-14 02:12
Last seen 2026-01-02 22:40
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e4a875b1d0c530b3d560e81017d2632ef0101968

GraphQL introspection enabled at /graphql
Types: 70 (by kind: ENUM: 7, INPUT_OBJECT: 9, OBJECT: 47, SCALAR: 7)
Operations:
- Query: Query | fields: client_getCurrentAccount, getAllAccounts, getCurrentAccount, getCurrentAccountPermissions, signin
- Mutation: Mutation | fields: createAccount, removeAccount, resetPassword, signup, updateAccount
- Subscription: Subscription | fields: accountCreated, accountDeleted, accountUpdated, client_accountCreated, client_accountUpdated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 22:40

93.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-11 13:28

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: j2sourcing.cpms46.se
Port: 443
URL: https://j2sourcing.cpms46.se

First seen 2025-12-03 10:22
Last seen 2026-01-02 22:28
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 22:28
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: staging.fakturaonline.rs
Port: 443
URL: https://staging.fakturaonline.rs

First seen 2025-11-21 01:08
Last seen 2026-01-02 22:24
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36d28a95c564e59e0cddbc3cda7412a4873bc2370

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 10, INPUT_OBJECT: 45, OBJECT: 102, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: bankTransfer, billing, checkInvoiceNumberExistence, checkPattern, companyLookup
- Mutation: Mutation | fields: aresMerkTracking, billingUpdate, cancelOrder, contactExport, contactForm
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 22:24

230.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c8f610dc2ef1fc607ba2f64dc46cedc8803786f0

GraphQL introspection enabled at /graphql
Types: 147 (by kind: ENUM: 10, INPUT_OBJECT: 43, OBJECT: 85, SCALAR: 9)
Operations:
- Query: Query | fields: bankTransfer, billing, checkInvoiceNumberExistence, checkPattern, companyLookup
- Mutation: Mutation | fields: aresMerkTracking, billingUpdate, cancelOrder, contactExport, contactForm
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-01 07:06

189.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-21 01:08

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: users-api.ayamedica.com
Port: 80
URL: http://users-api.ayamedica.com

First seen 2025-10-21 20:11
Last seen 2026-01-02 22:17
Open for 73 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39e84629942b1dffbe098365369f7593f315cdf3f

GraphQL introspection enabled at /graphql
Types: 63 (by kind: ENUM: 7, INPUT_OBJECT: 12, OBJECT: 34, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfUserExistsByEmail, checkIfUserExistsByPhoneNumber, checkIfUserExistsByPhoneNumberForWeb, me, readMyAppSettings
- Mutation: Mutation | fields: changeMyPassword, completeMyInformation, createADefaultPassword, createAndAddStudentToSchool, createAndAddSubuserToMyAccount
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 22:17

88.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: lookups-api.ayamedica.com
Port: 443
URL: https://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 22:17
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec201bc1efe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 22:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c1e9a46e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-27 02:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd44cbf4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 22:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2966e62f2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-23 06:51

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6d9452e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e52e80d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f5a6f2b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2261ccdb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cb9881cc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 23:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27a89d40a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 22:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27aff364a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 20:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203534222

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 07:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cff4a630

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-11 09:12

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2df774d28

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-01 05:22

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec217c05168

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-29 11:50

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d00263de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-27 06:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec242d9453c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-23 05:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eef0cb1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-20 23:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28af18d52

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 13:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236f12386

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d2e3927c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-12 14:55

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f44cb372

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 14:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b2760eaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 18:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-04 14:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20168d916

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 03:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ac87ea22

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea87a91a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec255f2cf1e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec224611340

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec293cbf212

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-01 21:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f6a3a19e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e6325c82

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23ae5b778

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21c58dbc2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b418d948

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 13:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fde024f0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-24 09:59

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec273afbc8e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec278719574

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20fcf623c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.denkmal.org
Port: 80
URL: http://api.denkmal.org

First seen 2025-11-08 00:23
Last seen 2026-01-02 21:53
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa392c8aa009f12d4c4965138d9500687a390bb1e0f
```
GraphQL introspection enabled at /graphql
Types: 43 (by kind: ENUM: 4, INPUT_OBJECT: 5, OBJECT: 25, SCALAR: 9)
Operations:
- Query: Query | fields: event, region, regions, regionsList, venue
- Mutation: Mutation | fields: addGenre, addGenreCategory, addRegion, changeGenreCategory, deleteGenreCategory
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 21:53
  
  68.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: allpas.comgy-testing.club
Port: 443
URL: https://allpas.comgy-testing.club

First seen 2025-11-18 01:28
Last seen 2026-01-02 21:32
Open for 45 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 21:32

123.0 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: test.loctoc.ch
Port: 443
URL: https://test.loctoc.ch

First seen 2025-04-26 06:17
Last seen 2026-01-02 21:30
Open for 251 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c6e6dc6946e6dc694fedec6307f18637751efd19c66f98ad6

Found 84 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer

Found on 2026-01-02 21:30

Severity: medium
Fingerprint: 5f32cf5d6962f09c68a1b33768a1b337ab42217f38322b18d527951de0438465

Found 90 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/rest
/img/trainer/sheet_notes

Found on 2025-12-27 03:41

Severity: medium
Fingerprint: 5f32cf5d6962f09c1f1b52f11f1b52f1ee5187493b3acd76865a0b3b7f4db5ec

Found 96 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/rest
/img/trainer/rest/note
/img/trainer/rest/rest
/img/trainer/sheet_notes

Found on 2025-12-25 03:13

Severity: low
Fingerprint: 5f32cf5d6962f09c47dfe71947dfe719d66dae01c566674c05972c03f165e415

Found 16 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-12-11 13:17

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf0211ca5db6a91065e356c9c3ecdb6f1dba

Found 24 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-12-01 05:51

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a55a73ade0767624b30c4cd047627fe0d

Found 19 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name

Found on 2025-11-29 10:29

Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd106316815a6801f9ff096e49f25ad2a

Found 22 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer

Found on 2025-11-10 09:19

Severity: medium
Fingerprint: 5f32cf5d6962f09c70ba7b5770ba7b57ba99771fc265aa3870523c7d941f4578

Found 54 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/trainer

Found on 2025-11-08 07:39

Severity: medium
Fingerprint: 5f32cf5d6962f09cff76d438ff76d438c300a22c36e6e9e37a4754f0802a2372

Found 93 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/sheet_notes

Found on 2025-09-02 10:35

Severity: low
Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea97cc669111b6b1bced2c71e730092a020

Found 23 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-07-23 01:06

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa54478188f10fed1698c82201a9cda2007691

Found 18 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name

Found on 2025-07-12 23:55

Severity: low
Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcf5e19d2073af3f6508a9264b528f9eb08

Found 25 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/public_files
/public_files/downloads

Found on 2025-05-27 00:34

Severity: medium
Fingerprint: 5f32cf5d6962f09c9ff0dc619ff0dc61e9306d7992c063c6ed81800b69558235

Found 85 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/public_files

Found on 2025-05-13 02:50

Severity: low
Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea97cc66911b6602a76d259a85147adf14d

Found 23 files trough .DS_Store spidering:

/img
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/public_files

Found on 2025-05-10 20:58

Severity: medium
Fingerprint: 5f32cf5d6962f09c910c508a910c508a31905ceec9a80081171a96e621fae847

Found 55 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/trainer
/public_files

Found on 2025-05-09 04:14

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf0211ca5db66d591a7bade475360a2b438a

Found 24 files trough .DS_Store spidering:

/img
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/public_files
/public_files/downloads

Found on 2025-05-06 14:30

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: mandate.o3cards.com
Port: 443
URL: https://mandate.o3cards.com

First seen 2025-10-18 17:47
Last seen 2026-01-02 21:10
Open for 76 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d61428fa16245259c6de5c78ad766d5a6382c8c673
```
GraphQL introspection enabled at /api/graphql
Types: 86 (by kind: ENUM: 2, INPUT_OBJECT: 4, OBJECT: 75, SCALAR: 5)
Operations:
- Query: Query | fields: findOrg, getConfig, getOperationDate, getOrgs, getTransac
- Mutation: Mutation | fields: createAccount, createIcadAccountCif, createOrg, createTransac, updateOrg
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 21:10
  
  158.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-10-18 17:47
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: staging.invoiceonline.com
Port: 443
URL: https://staging.invoiceonline.com

First seen 2025-11-20 01:21
Last seen 2026-01-02 20:40
Open for 43 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39aff3fb62dbd0926c0819a0fbaa39df7d5799bc7

GraphQL introspection enabled at /graphql
Types: 211 (by kind: ENUM: 10, INPUT_OBJECT: 66, OBJECT: 125, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: bankTransfer, billing, checkInvoiceNumberExistence, checkPattern, companyLookup
- Mutation: Mutation | fields: aresMerkTracking, billingUpdate, cancelOrder, contactCreate, contactDelete
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 20:40

281.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b09a5b484fe640ecb3949291b102550d344ab1dd

GraphQL introspection enabled at /graphql
Types: 191 (by kind: ENUM: 10, INPUT_OBJECT: 64, OBJECT: 108, SCALAR: 9)
Operations:
- Query: Query | fields: bankTransfer, billing, checkInvoiceNumberExistence, checkPattern, companyLookup
- Mutation: Mutation | fields: aresMerkTracking, billingUpdate, cancelOrder, contactCreate, contactDelete
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-01 13:24

240.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.meister1.com
Port: 80
URL: http://api.meister1.com

First seen 2025-11-06 01:26
Last seen 2026-01-02 20:37
Open for 57 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33541b8531fe2de114dc724d06dba1ce6c28a1342

GraphQL introspection enabled at /graphql
Types: 282 (by kind: ENUM: 29, INPUT_OBJECT: 101, INTERFACE: 4, OBJECT: 141, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 20:37

306.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa324cdecb9b7011ddb6ffde35650105b30f0a7d860

GraphQL introspection enabled at /graphql
Types: 276 (by kind: ENUM: 29, INPUT_OBJECT: 97, INTERFACE: 4, OBJECT: 139, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 16:57

298.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa369c36065dd47fde723f2fd4ad0c8112467af7e84

GraphQL introspection enabled at /graphql
Types: 270 (by kind: ENUM: 28, INPUT_OBJECT: 94, INTERFACE: 3, OBJECT: 138, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-06 01:26

292.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.bookist.org
Port: 80
URL: http://www.bookist.org

First seen 2025-12-09 01:02
Last seen 2026-01-02 20:35
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3db2a2f39193c095bc804d573a865ed690b25213d

GraphQL introspection enabled at /graphql
Types: 103 (by kind: ENUM: 11, INPUT_OBJECT: 2, OBJECT: 80, SCALAR: 10)
Operations:
- Query: Query | fields: getSeries, mostReadAuthors, peopleSuggestions, userReadingStats, userReadingStatsNew
- Mutation: Mutation | fields: makeChoice, signinRequestOtp, signupRequestOtp, updateUser, validateOtp
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 20:35

146.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e20acc0afc1b73ba2f42b18d5a4240af263cd7c3

GraphQL introspection enabled at /graphql
Types: 100 (by kind: ENUM: 11, INPUT_OBJECT: 2, OBJECT: 77, SCALAR: 10)
Operations:
- Query: Query | fields: getAuthor, getSeries, mostReadAuthors, peopleSuggestions, userReadingStats
- Mutation: Mutation | fields: makeChoice, signinRequestOtp, signupRequestOtp, updateUser, validateOtp
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-23 02:36

140.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: beta.polizeiticker.at
Port: 80
URL: http://beta.polizeiticker.at

First seen 2025-11-21 02:19
Last seen 2026-01-02 20:29
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 20:29
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.community.24baby.nl
Port: 80
URL: http://api.community.24baby.nl

First seen 2025-11-19 00:32
Last seen 2026-01-02 20:00
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2026-01-02 20:00

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b4ca487c72215bc0d7f9c3620abc3244ad72ee83

GraphQL introspection enabled at /graphql
Types: 636 (by kind: ENUM: 127, INPUT_OBJECT: 190, INTERFACE: 15, OBJECT: 294, SCALAR: 8, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-26 08:48

647.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa344c9c6bd4c7ac65fda7f843d275b7d89ca4c5ac8

GraphQL introspection enabled at /graphql
Types: 630 (by kind: ENUM: 127, INPUT_OBJECT: 189, INTERFACE: 15, OBJECT: 290, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-12 23:49

646.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3f94152ef9f6e9ebd6fa7964705770b936dc151d2

GraphQL introspection enabled at /graphql
Types: 624 (by kind: ENUM: 125, INPUT_OBJECT: 187, INTERFACE: 15, OBJECT: 288, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-23 14:00

643.8 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: pickaband.com
Port: 443
URL: https://pickaband.com

First seen 2024-12-17 10:31
Last seen 2026-01-02 19:39
Open for 381 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c575112a7575112a7e0aa0ed88206ba54163fe0635706d688

Found 102 files trough .DS_Store spidering:

/audio
/system
/uploads
/uploads/tmp
/uploads/tmp/1544094159-1924-0001-7560
/uploads/tmp/1544095130-2081-0001-1657
/uploads/tmp/1544095211-2081-0002-5743
/uploads/tmp/1544095699-2513-0001-6121
/uploads/tmp/1544095876-2595-0001-5167
/uploads/tmp/1544095899-2595-0002-7767
/uploads/tmp/1544098003-2595-0003-3003
/uploads/tmp/1544098154-2924-0001-1886
/uploads/tmp/1544098208-2924-0002-3694
/uploads/tmp/1550243553-4424-0001-2379
/uploads/tmp/1559652344-5815-0001-2673
/uploads/tmp/1559653441-5815-0002-2030
/uploads/tmp/1559653442-5815-0003-6577
/uploads/tmp/1559653466-5815-0004-3285
/uploads/tmp/1559653568-5815-0005-8162
/uploads/tmp/1559653611-5815-0006-6806
/uploads/tmp/1559653648-5815-0007-1697
/uploads/tmp/1568037011-3840-0019-7015
/uploads/tmp/1568041202-6481-0001-3726
/uploads/tmp/1568816168-4656-0001-8480
/uploads/tmp/1568816203-4656-0002-7401
/uploads/tmp/1568991762-6896-0003-6748
/uploads/tmp/1569245641-7210-0001-2661
/uploads/tmp/1570480229-6008-0001-0573
/uploads/tmp/1570480268-6008-0002-2284
/uploads/tmp/1570480342-6008-0003-4516
/uploads/tmp/1570480737-6008-0005-6454
/uploads/tmp/1570481114-6279-0001-0328
/uploads/tmp/1570714852-48464-0003-3138
/uploads/tmp/1570802023-4639-0001-2104
/uploads/tmp/1570802063-4639-0002-3763
/uploads/tmp/1570802079-4639-0003-7794
/uploads/tmp/1570802169-4639-0004-8330
/uploads/tmp/1570802330-4639-0006-8044
/uploads/tmp/1570802626-4639-0010-6137
/uploads/tmp/1570802776-4639-0011-5421
/uploads/tmp/1570805817-4639-0013-6022
/uploads/tmp/1570807868-4639-0019-1714
/uploads/tmp/1571056747-4726-0002-5755
/uploads/tmp/1572341961-1198-0001-4703
/uploads/tmp/1572346364-1198-0004-3301
/uploads/tmp/1572346797-28853-0001-9522
/uploads/tmp/1572346997-28853-0002-9585
/uploads/tmp/1572347045-28853-0003-2116
/uploads/tmp/1572347162-28853-0004-0399
/uploads/tmp/1572451125-37829-0001-5287
/uploads/tmp/1572451237-37829-0002-9395
/uploads/tmp/1572451246-37829-0003-2204
/uploads/tmp/1572451307-37829-0004-9998
/uploads/tmp/1579182373-4609-0003-3076
/uploads/tmp/1579182686-4609-0004-1609
/uploads/tmp/1579531794-1696-0001-1978
/uploads/tmp/1579531830-1696-0002-6703
/uploads/tmp/1579531880-1696-0003-6321
/uploads/tmp/1580904491-4546-0001-7617
/uploads/tmp/1580904516-4546-0002-6551
/uploads/tmp/1580905915-4546-0004-0692
/uploads/tmp/1580906269-4546-0005-8079
/uploads/tmp/1580906291-4546-0006-8039
/uploads/tmp/1580909449-4546-0007-0974
/uploads/tmp/1580909526-4546-0008-9499
/uploads/tmp/1580913633-4546-0010-6962
/uploads/tmp/1580913677-4546-0011-6222
/uploads/tmp/1580913698-4546-0012-7822
/uploads/tmp/1580913903-4546-0013-7837
/uploads/tmp/1580915687-4546-0014-1127
/uploads/tmp/1580917856-16576-0003-8184
/uploads/tmp/1580917875-16576-0004-0174
/uploads/tmp/1580917896-16576-0005-8950
/uploads/tmp/1580918111-16576-0006-6036
/uploads/tmp/1580918120-16576-0007-2309
/uploads/tmp/1580918724-16576-0010-2426
/uploads/tmp/1580984002-1794-0006-3620
/uploads/tmp/1583498690-66750-0001-8281
/uploads/tmp/1583498890-66750-0002-9703
/uploads/tmp/1583499334-66750-0003-0904
/uploads/tmp/1583499358-66749-0001-2926
/uploads/tmp/1583499607-66749-0002-9300
/uploads/tmp/1583499662-66749-0003-1153
/uploads/tmp/1583499910-66750-0004-2505
/uploads/tmp/1583500017-66749-0004-9129
/uploads/tmp/1583500058-66749-0005-3226
/uploads/tmp/1583501562-67642-0001-9464
/uploads/tmp/1583502227-67642-0002-0719
/uploads/tmp/1583502306-67643-0002-8722
/uploads/tmp/1583502336-67643-0003-7714
/uploads/tmp/1583502380-67642-0003-0961
/uploads/tmp/1601455728-1590-0002-3825
/uploads/tmp/1699456637-16203-0001-7280
/uploads/tmp/1699457674-19245-0001-1407
/uploads/tmp/1699612836-5352-0001-3817
/uploads/tmp/1699617067-7867-0001-6891
/uploads/tmp/1700056225-9452-0001-5145
/uploads/tmp/1700056305-9451-0001-5755
/uploads/tmp/1700056324-9451-0002-8754
/uploads/tmp/1700056564-10332-0001-7796
/uploads/tmp/1721220728-530766577892206-0001-1305
/uploads/tmp/1721222033-574015857537163-0002-1057

Found on 2026-01-02 19:39

Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f09968c30735b432cd3bab40bd3bab40b
```
Found 3 files trough .DS_Store spidering:

/audio
/system
/uploads
```
Found on 2025-10-04 00:04

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: my.move-o.com
Port: 443
URL: https://my.move-o.com

First seen 2025-12-03 20:27
Last seen 2026-01-02 19:29
Open for 29 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57adf0e4e169b733daecc97d54f7c87926e

Found 19 files trough .DS_Store spidering:

/assets
/assets/assets
/assets/assets/images
/assets/assets/images/icons
/assets/assets/images/round
/assets/assets/js
/assets/assets/translations
/assets/fonts
/assets/packages
/assets/packages/cupertino_icons
/assets/packages/flutter_inappwebview
/assets/packages/flutter_inappwebview_web
/assets/packages/iconsax_flutter
/assets/packages/iconsax_flutter/fonts
/assets/packages/timezone
/assets/packages/wakelock_plus
/assets/shaders
/canvaskit
/icons

Found on 2026-01-02 19:29

Severity: low
Fingerprint: 5f32cf5d6962f09c39aac35b39aac35bf639e88d2aab61ad7914d6680f920eb1

Found 14 files trough .DS_Store spidering:

/assets
/assets/assets
/assets/fonts
/assets/packages
/assets/packages/cupertino_icons
/assets/packages/flutter_inappwebview
/assets/packages/flutter_inappwebview_web
/assets/packages/iconsax_flutter
/assets/packages/iconsax_flutter/fonts
/assets/packages/timezone
/assets/packages/wakelock_plus
/assets/shaders
/canvaskit
/icons

Found on 2025-12-03 20:27

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: app.commutely.org
Port: 443
URL: https://app.commutely.org

First seen 2025-12-03 00:27
Last seen 2026-01-02 19:24
Open for 30 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3eef2a5825db19212c575fa566f9fbe0f60f2e4b3

GraphQL introspection enabled at /graphql
Types: 148 (by kind: ENUM: 7, INPUT_OBJECT: 49, INTERFACE: 2, OBJECT: 82, SCALAR: 8)
Operations:
- Query: Query | fields: accounts, currentAccount, id, itineraries, node
- Mutation: Mutation | fields: createAccountVehicle, createAddress, createBaseConsumption, createItinerary, createLocation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-02 19:24

180.9 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: content.muenchner-freiheit.de
Port: 80
URL: http://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 19:11
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1959fcb93

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2026-01-02 19:11

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-27 05:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1995723af

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-21 01:48

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1e6f8fde7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-19 05:02

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-17 02:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f17be25b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 17:19

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b168e2efa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-10 22:05

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-30 16:53

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1034d14cd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-28 13:16

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b115e1536f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-22 14:31

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1321bac77

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-20 16:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f13c198f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-16 07:17

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17a879755

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12dc3d2de

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1de647432

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-06 11:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1bccfc226

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180916aa4

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b16c7d2ace

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17073818a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.school-application.ie
Port: 80
URL: http://api.school-application.ie

First seen 2025-11-27 01:08
Last seen 2026-01-02 19:02
Open for 36 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 19:02
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: daftoresort.cpms46.se
Port: 443
URL: https://daftoresort.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 18:58
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:58
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: hunt-api.tyb.cz
Port: 443
URL: https://hunt-api.tyb.cz

First seen 2025-10-24 10:16
Last seen 2026-01-02 18:51
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa32583e0a5f45ea9a7a5b386a2159d0ca8961b4f55

GraphQL introspection enabled at /graphql
Types: 87 (by kind: ENUM: 8, INPUT_OBJECT: 32, OBJECT: 38, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: hunt, huntTemplate, huntTemplates, hunts, location
- Mutation: Mutation | fields: addHuntUser, addLocation, huntCreate, huntRemove, huntTemplateCreate
- Subscription: Subscription | fields: addedLocation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 18:51

107.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: newmandate.o3cards.com
Port: 443
URL: https://newmandate.o3cards.com

First seen 2025-11-25 00:54
Last seen 2026-01-02 18:50
Open for 38 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d61428fa16245259c6de5c78ad766d5a6382c8c673
```
GraphQL introspection enabled at /api/graphql
Types: 86 (by kind: ENUM: 2, INPUT_OBJECT: 4, OBJECT: 75, SCALAR: 5)
Operations:
- Query: Query | fields: findOrg, getConfig, getOperationDate, getOrgs, getTransac
- Mutation: Mutation | fields: createAccount, createIcadAccountCif, createOrg, createTransac, updateOrg
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 18:50
  
  158.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-11-25 00:54
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: ksa-users-api.ayamedica.com
Port: 443
URL: https://ksa-users-api.ayamedica.com

First seen 2025-10-19 22:12
Last seen 2026-01-02 18:32
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39e84629942b1dffbe098365369f7593f315cdf3f

GraphQL introspection enabled at /graphql
Types: 63 (by kind: ENUM: 7, INPUT_OBJECT: 12, OBJECT: 34, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfUserExistsByEmail, checkIfUserExistsByPhoneNumber, checkIfUserExistsByPhoneNumberForWeb, me, readMyAppSettings
- Mutation: Mutation | fields: changeMyPassword, completeMyInformation, createADefaultPassword, createAndAddStudentToSchool, createAndAddSubuserToMyAccount
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 18:32

88.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39e84629942b1dffbe098365369f7593f325ce080

GraphQL introspection enabled at /graphql
Types: 63 (by kind: ENUM: 7, INPUT_OBJECT: 12, OBJECT: 34, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfUserExistsByEmail, checkIfUserExistsByPhoneNumber, checkIfUserExistsByPhoneNumberForWeb, me, readMyAppSettings
- Mutation: Mutation | fields: changeMyPassword, completeMyInformation, createADefaultPassword, createAndAddStudentToSchool, createAndAddSubuserToMyAccount
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-10-19 22:12

88.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: monolith-api.ayamedica.com
Port: 80
URL: http://monolith-api.ayamedica.com

First seen 2025-10-21 19:59
Last seen 2026-01-02 18:25
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33183c6fd8d61be1f410e8f10231defc24b56f811

GraphQL introspection enabled at /graphql
Types: 295 (by kind: ENUM: 19, INPUT_OBJECT: 42, OBJECT: 224, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfAppointmentExists, readAllAppointments, readAppointmentDetails, readAppointmentPatients, readAppointments
- Mutation: Mutation | fields: cancelSchoolAppointment, checkOutSchoolAppointment, createSchoolAppointment, deleteSchoolAppointment, editSchoolAppointment
- Subscription: Subscription | fields: importProgress, progrssUpload
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 18:25

370.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-10 20:35

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: pmalmo.park46.se
Port: 443
URL: https://pmalmo.park46.se

First seen 2025-11-03 00:48
Last seen 2026-01-02 18:15
Open for 60 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:15
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: th-apac.smile-view.com
Port: 80
URL: http://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 18:05
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f012485b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 18:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751da7809af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 23:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 18:36

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 20:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c4ea55cf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 23:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b8f77893

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 22:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775107cb2291

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-16 20:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751407da9d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 07:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519b570aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 09:18

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513c6cf323

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512e06ad15

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515c640d17

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-28 13:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115320aff

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 15:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775126b21ecb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f08f27d7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27647fea7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23818e5b3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.denkmal.org
Port: 443
URL: https://api.denkmal.org

First seen 2025-11-08 00:23
Last seen 2026-01-02 17:59
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa392c8aa009f12d4c4965138d9500687a390bb1e0f
```
GraphQL introspection enabled at /graphql
Types: 43 (by kind: ENUM: 4, INPUT_OBJECT: 5, OBJECT: 25, SCALAR: 9)
Operations:
- Query: Query | fields: event, region, regions, regionsList, venue
- Mutation: Mutation | fields: addGenre, addGenreCategory, addRegion, changeGenreCategory, deleteGenreCategory
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 17:59
  
  68.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.konferencje.pfg.org.pl
Port: 443
URL: https://api.konferencje.pfg.org.pl

First seen 2025-11-21 00:28
Last seen 2026-01-02 17:48
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3bbea57351ea35bb7b0226cf2dc689562dc689562
```
GraphQL introspection enabled at /graphql
Types: 376 (by kind: ENUM: 24, INPUT_OBJECT: 148, OBJECT: 200, SCALAR: 4)
Operations:
- Query: Query | fields: Admin, Conference, ConferenceAdmin, Content, Edition
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 17:48
  
  342.4 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: bbhendo.nyttig-info.dk
Port: 80
URL: http://bbhendo.nyttig-info.dk

First seen 2025-05-09 09:54
Last seen 2026-01-02 17:47
Open for 238 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc837288bff59bf90a4cd9c223b6d9c6c7
```
Found 4 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
```
  Found on 2026-01-02 17:47
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f021ea090ae41dfe7d05d4973d05d4973
```
Found 3 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/vejledninger
```
  Found on 2025-12-14 12:11
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9775a8c4ec0656fb9a29642268d158f28
```
Found 5 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
/ViewerJS
```
  Found on 2025-05-18 06:29
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: bi.newsoftds.pt
Port: 443
URL: https://bi.newsoftds.pt

First seen 2025-11-13 15:32
Last seen 2026-01-02 17:44
Open for 50 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b197f7925dd

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-02 17:44

98.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b193ad76085

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-29 13:33

98.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: ima-sta-api.app.denovo.cloud
Port: 443
URL: https://ima-sta-api.app.denovo.cloud

First seen 2025-11-19 00:02
Last seen 2026-01-02 17:41
Open for 44 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3baa152aa79dead9a225c900557afb8be248c77aa
```
GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 5, INPUT_OBJECT: 4, OBJECT: 29, SCALAR: 6)
Operations:
- Query: Query | fields: getUser, getUserGroup, userData, userGroupsWithProductGroups, usersForUserGroup
- Mutation: Mutation | fields: createUser, createUserGroup, deactivateUser, updateUser, updateUserGroup
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 17:41
  
  74.5 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: directus.nofipa.dk
Port: 80
URL: http://directus.nofipa.dk

First seen 2025-11-14 01:53
Last seen 2026-01-02 17:36
Open for 49 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3327c188f71518b9dca153267c0c3e223fd2aac33
```
GraphQL introspection enabled at /graphql
Types: 23 (by kind: ENUM: 3, OBJECT: 12, SCALAR: 8)
Operations:
- Query: Query | fields: _empty
- Subscription: Subscription | fields: directus_files_mutated
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 17:36
  
  26.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: selectapi.orientalweavers.com
Port: 443
URL: https://selectapi.orientalweavers.com

First seen 2025-12-05 01:08
Last seen 2026-01-02 17:24
Open for 28 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39c2ed9c86f2d406c21cf596041104d470aa66e7b
```
GraphQL introspection enabled at /graphql
Types: 123 (by kind: ENUM: 6, INPUT_OBJECT: 13, INTERFACE: 1, OBJECT: 97, SCALAR: 6)
Operations:
- Query: Query | fields: allPatches, allSampleCodes, allSkuCodes, allSkus, ordersByUser
- Mutation: Mutation | fields: createOrder, createPresignedUrls, deletePresignedUrls, updateSku, uploadSku
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 17:24
  
  166.0 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.castello.is
Port: 80
URL: http://api.castello.is

First seen 2025-11-13 04:23
Last seen 2026-01-02 17:20
Open for 50 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa30080bac2bb172bd2a03acbea7b2404e0b11bebf8
```
GraphQL introspection enabled at /graphql
Types: 157 (by kind: ENUM: 2, INPUT_OBJECT: 41, OBJECT: 110, SCALAR: 4)
Operations:
- Query: RootQueryType | fields: adminIndexBranches, adminIndexEmployees, adminIndexToppings, adminSingleBranch, adminSingleEmployee
- Mutation: Mutation | fields: adminCreateEmployee, adminDeleteEmployee, adminGenerateSignature, adminUpdateEmployee, adminUpdateUser
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 17:20
  
  189.6 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-28 17:38
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: haggai.maxipropay.com
Port: 443
URL: https://haggai.maxipropay.com

First seen 2025-10-25 00:48
Last seen 2026-01-02 17:20
Open for 69 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d61428fa16245259c6de5c78ad766d5a6382c8c673
```
GraphQL introspection enabled at /api/graphql
Types: 86 (by kind: ENUM: 2, INPUT_OBJECT: 4, OBJECT: 75, SCALAR: 5)
Operations:
- Query: Query | fields: findOrg, getConfig, getOperationDate, getOrgs, getTransac
- Mutation: Mutation | fields: createAccount, createIcadAccountCif, createOrg, createTransac, updateOrg
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 17:20
  
  158.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-12-24 00:53
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: content.muenchner-freiheit.de
Port: 443
URL: https://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 17:13
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b13c44504d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2026-01-02 17:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b04ea211

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-26 21:35

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b10a732e3d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-24 23:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1beb9f9ff

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-23 01:43

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-20 14:49

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-18 16:21

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b167cd6b0b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 02:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 15:12

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b83f7e17

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b176dfb18b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b15ecc9cf9

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11d32050d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-29 02:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-22 20:37

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11b0afd81

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-20 22:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b135731bb5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-16 10:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b147921c8a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19eb96636

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-01 04:44

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12116d430

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b120239506

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19104d47c

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19e090134

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: familjebostader.park46.se
Port: 443
URL: https://familjebostader.park46.se

First seen 2025-10-17 00:42
Last seen 2026-01-02 16:38
Open for 77 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 16:38
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.duocards.com
Port: 80
URL: http://api.duocards.com

First seen 2025-11-20 00:12
Last seen 2026-01-02 16:37
Open for 43 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 16:37

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-16 11:50

166.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: th-apac.smile-view.com
Port: 443
URL: https://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 16:27
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6d9bb31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 16:27

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e0a66559

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 14:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516a8daced

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 13:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510154fc39

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 07:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751233616bb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 09:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d1d8be61

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-21 09:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a005f4fd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 10:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751415efaef

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 01:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516e7df099

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-12 22:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a416a011

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 05:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751386a6a2d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751828b9dcf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751544b7517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511549a7d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128fec145

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f9d4dd7d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 14:10

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513132d4cb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-22 15:46

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775191f64f31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2e33cf079

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29c2d1b1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e267790285

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: industrigallerian-ae.cpms46.se
Port: 443
URL: https://industrigallerian-ae.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 16:23
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 16:23
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: gamlafrunfastigheter.cpms46.se
Port: 443
URL: https://gamlafrunfastigheter.cpms46.se

First seen 2025-12-03 10:23
Last seen 2026-01-02 15:44
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:44
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: system.avantifostering.co.uk
Port: 443
URL: https://system.avantifostering.co.uk

First seen 2025-07-27 13:26
Last seen 2026-01-02 15:17
Open for 159 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de2484e3cc2484e3cc2484e3cc
```
Found 2 files trough .DS_Store spidering:

/assets
/js
```
  Found on 2026-01-02 15:17
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d86bfb45c8612ad1a912f6c58bc0c15542
```
Found 8 files trough .DS_Store spidering:

/assets
/assets/images
/assets/images/error.svg
/assets/images/favicon.ico
/assets/images/loader-icon.gif
/assets/images/logo1.png
/assets/tmp
/js
```
  Found on 2025-08-02 19:33
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: eishockeyticker.ch
Port: 80
URL: http://eishockeyticker.ch

First seen 2025-11-08 00:02
Last seen 2026-01-02 15:11
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:11
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: rails.prod.sonisto.com
Port: 80
URL: http://rails.prod.sonisto.com

First seen 2025-11-22 04:04
Last seen 2026-01-02 15:07
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6d52dd05934867b3b3a07f9bb1971318b1d8566e3
```
GraphQL introspection enabled at /api/graphql
Types: 77 (by kind: ENUM: 6, INPUT_OBJECT: 16, OBJECT: 49, SCALAR: 6)
Operations:
- Query: Query | fields: allCategories, allCurrentPromotions, allOrganizations, cart, category
- Mutation: Mutation | fields: acceptForcedTrial, addToCart, changePassword, createDownload, createFinalOrder
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:07
  
  108.6 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: sverigeparkering.park46.se
Port: 443
URL: https://sverigeparkering.park46.se

First seen 2025-11-12 03:03
Last seen 2026-01-02 14:31
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:31
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: stockholmia.park46.se
Port: 443
URL: https://stockholmia.park46.se

First seen 2025-11-02 00:28
Last seen 2026-01-02 14:31
Open for 61 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:31
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: inteacampus.cpms46.se
Port: 443
URL: https://inteacampus.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 14:30
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:30
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: staging.leasingberegner.com
Port: 443
URL: https://staging.leasingberegner.com

First seen 2025-12-08 00:49
Last seen 2026-01-02 14:26
Open for 25 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39fe05c1b5f1181593f8150e32795df9ff72fc9cb
```
GraphQL introspection enabled at /graphql
Types: 31 (by kind: ENUM: 2, OBJECT: 24, SCALAR: 5)
Operations:
- Query: Query | fields: brand, company, me
- Mutation: Mutation | fields: activateUser, changePassword, createOffer, createToken, refreshToken
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-02 14:26
  
  38.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: api-staging.maximomes.app
Port: 443
URL: https://api-staging.maximomes.app

First seen 2025-11-03 09:04
Last seen 2026-01-02 14:06
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 14:06

264.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-02 00:13

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e298c7f2a80af71f8c64af1d0c0f32bb9b2279ddec

GraphQL introspection enabled at /graphql/api
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-29 05:28

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e271fbc2d4c5e99d186f9b84380521e7ff132ad580

GraphQL introspection enabled at /graphql/api
Types: 265 (by kind: ENUM: 13, INPUT_OBJECT: 102, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-27 05:44

261.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e24619f22e3b6106de17cff00a451a1d79558322da

GraphQL introspection enabled at /graphql/api
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-22 17:20

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-14 15:16

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2
```
GraphQL introspection enabled at /graphql/api
```
Found on 2025-11-12 14:13

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-05 07:27

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 09:04

249.2 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.fap.aqvc.com
Port: 443
URL: https://api.fap.aqvc.com

First seen 2025-12-02 00:23
Last seen 2026-01-02 14:06
Open for 31 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39a620f2713b62b952c0f0479f0ce327a412e8d82

GraphQL introspection enabled at /graphql
Types: 46 (by kind: ENUM: 4, INPUT_OBJECT: 14, OBJECT: 21, SCALAR: 7)
Operations:
- Query: Query | fields: fetchAllAnswers, fetchAnswers, fetchAnswersForAdmin, fetchUser, getApplications
- Mutation: Mutation | fields: cancelInvitation, createInvitation, createPipe, deletePipe, deleteTeamMember
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-02 14:06

59.8 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: foretagslokaler.park46.se
Port: 443
URL: https://foretagslokaler.park46.se

First seen 2025-11-17 00:04
Last seen 2026-01-02 13:52
Open for 46 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:52
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: demo.comgy-testing.club
Port: 443
URL: https://demo.comgy-testing.club

First seen 2025-11-19 01:01
Last seen 2026-01-02 13:49
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 13:49

123.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: kvarterettarnan.park46.se
Port: 443
URL: https://kvarterettarnan.park46.se

First seen 2025-11-24 03:45
Last seen 2026-01-02 13:48
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:48
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: parkering.parkando.se
Port: 443
URL: https://parkering.parkando.se

First seen 2025-11-08 01:12
Last seen 2026-01-02 13:35
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:35
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.termofix.no
Port: 80
URL: http://www.termofix.no

First seen 2025-03-15 15:40
Last seen 2026-01-02 13:28
Open for 292 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d89a8fd6d89a8fd6d89a8fd6d89a8fd6d
```
Found 1 files trough .DS_Store spidering:

/img
```
  Found on 2026-01-02 13:28
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.venyou.no
Port: 443
URL: https://api.venyou.no

First seen 2025-11-07 00:56
Last seen 2026-01-02 13:22
Open for 56 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-02 13:22

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 02:15

511.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: ladda.voltiva.se
Port: 443
URL: https://ladda.voltiva.se

First seen 2025-11-24 03:06
Last seen 2026-01-02 13:20
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:20
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brfappleodlingen.cpms46.se
Port: 443
URL: https://brfappleodlingen.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 13:19
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 13:19
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: au-apac.smile-view.com
Port: 443
URL: https://au-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 13:09
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b4e4377

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 13:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751760dab47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 18:58

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751453b7333

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 01:38

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512c7fdc51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 16:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751201a4a95

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 18:40

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 06:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751db2f8065

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 06:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512dd51ca7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f692aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775159d666c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515a9b7a9f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516cd48f7f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-02 06:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128767491

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751acdaa877

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490dbaf340e11af340e11af340e11af340e11af340e11af340e11
```
GraphQL introspection enabled at /api/gql
```
Found on 2025-12-01 04:16

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d9cba587

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 20:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 15:11

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f82d4e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-26 18:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:51

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f628c2ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-21 10:24

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23a68196b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : total=3 limit=100 skip=0
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-18 06:21

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f5128399

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 21:33

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2d1c85db3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20aff96eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27108de7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b2ede85f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: ima-sta-api.app.denovo.cloud
Port: 80
URL: http://ima-sta-api.app.denovo.cloud

First seen 2025-11-19 00:02
Last seen 2026-01-02 12:59
Open for 44 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3baa152aa79dead9a225c900557afb8be248c77aa
```
GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 5, INPUT_OBJECT: 4, OBJECT: 29, SCALAR: 6)
Operations:
- Query: Query | fields: getUser, getUserGroup, userData, userGroupsWithProductGroups, usersForUserGroup
- Mutation: Mutation | fields: createUser, createUserGroup, deactivateUser, updateUser, updateUserGroup
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:59
  
  74.5 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: lookups-api.ayamedica.com
Port: 80
URL: http://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 12:37
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d01296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 12:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22e47b134

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 18:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2772c7ed6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 16:04

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27834748c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 20:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23b1593d4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec209fadd96

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21eea699a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a5a9d2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec251fb6dce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-20 19:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 15:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec253e015b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 12:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22cd7cff6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-14 05:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fc56e7a4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec277395a5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-30 13:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26a23a37a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-28 12:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2750cafdc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 19:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2374976c8

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-24 14:33

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25f8bc5a6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-22 12:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db01bd1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-20 13:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2aa81f690

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-16 07:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 06:45

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2514c01aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-12 14:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27236ebaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-10 14:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d8f790

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 12:56

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e82052a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-04 19:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2686bfabe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 02:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec257acf1f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd3c56e0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2efe7e250

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-01 21:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e065d30a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 17:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28c4320ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2515c0f76

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24eaf1170

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e4c25c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2361210a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 11:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25fb8f51e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-24 10:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f4d9aa58

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:41

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20849f93a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20f604baa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec214598374

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ae854e78

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brfbryggdacket.cpms46.se
Port: 443
URL: https://brfbryggdacket.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 12:37
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:37
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: kristianstadsbyggen.cpms46.se
Port: 443
URL: https://kristianstadsbyggen.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 12:37
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:37
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: texaq.cpms46.se
Port: 443
URL: https://texaq.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 12:37
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:37
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: beta.polizeiticker.ch
Port: 80
URL: http://beta.polizeiticker.ch

First seen 2025-11-21 02:09
Last seen 2026-01-02 11:56
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 11:56
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: admin.ogogofitness.com
Port: 443
URL: https://admin.ogogofitness.com

First seen 2025-11-28 01:08
Last seen 2026-01-02 11:55
Open for 35 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6845c28677ad6a4557d0628ca3dfd135da8043e09
```
GraphQL introspection enabled at /api/graphql
Types: 115 (by kind: ENUM: 3, INPUT_OBJECT: 29, INTERFACE: 1, OBJECT: 75, SCALAR: 7)
Operations:
- Query: Query | fields: apiKey, apiKeys, builder, builderExercise, builderExercises
- Mutation: Mutation | fields: completeWorkout, createBuilder, deleteApiKey, deleteBuilder, deleteBuilderExercise
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 11:55
  
  132.9 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dynopt.comgy-testing.club
Port: 443
URL: https://dynopt.comgy-testing.club

First seen 2025-11-19 01:51
Last seen 2026-01-02 11:49
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 11:49

123.0 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.mabelhumer.es
Port: 443
URL: https://www.mabelhumer.es

First seen 2022-11-21 17:36
Last seen 2026-01-02 11:40
Open for 1137 days

Severity: medium
Fingerprint: 5f32cf5d6962f09cacbf01a6acbf01a67fbba4220effc0c6f0b7511e5d77f984

Found 118 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/bootstrap/badges.html
/components/bootstrap/buttons.html
/components/bootstrap/cards.html
/components/bootstrap/forms.html
/components/bootstrap/navbar.html
/components/bootstrap/scrollspy.html
/components/bootstrap/sizing.html
/components/bootstrap/tables.html
/components/bootstrap/tabs.html
/components/bootstrap/tooltips.html
/components/sparrow
/components/sparrow/accordion.html
/components/sparrow/backgrounds.html
/components/sparrow/borders.html
/components/sparrow/carousel.html
/components/sparrow/colors.html
/components/sparrow/countdown.html
/components/sparrow/countup.html
/components/sparrow/fancybox.html
/components/sparrow/fancynav.html
/components/sparrow/fancyscroll.html
/components/sparrow/fancytabs.html
/components/sparrow/filter.html
/components/sparrow/forms.html
/components/sparrow/googlemap.html
/components/sparrow/icons.html
/components/sparrow/inline-player.html
/components/sparrow/lightbox.html
/components/sparrow/masonry.html
/components/sparrow/modals.html
/components/sparrow/parallax.html
/components/sparrow/progressbar.html
/components/sparrow/scroll-to.html
/components/sparrow/spacing.html
/components/sparrow/typed-text.html
/components/sparrow/typography.html
/components/sparrow/zanimation.html
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2026-01-02 11:40

Severity: medium
Fingerprint: 5f32cf5d6962f09c5a2cc21a5a2cc21a447b07b68ad095928649f2fa6401bbd4

Found 82 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/sparrow
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-11-23 13:24

Severity: medium
Fingerprint: 5f32cf5d6962f09c6731298567312985269f719362d8711dab2702fbf645b934

Found 92 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/bootstrap/badges.html
/components/bootstrap/buttons.html
/components/bootstrap/cards.html
/components/bootstrap/forms.html
/components/bootstrap/navbar.html
/components/bootstrap/scrollspy.html
/components/bootstrap/sizing.html
/components/bootstrap/tables.html
/components/bootstrap/tabs.html
/components/bootstrap/tooltips.html
/components/sparrow
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-11-21 18:16

Severity: medium
Fingerprint: 5f32cf5d6962f09cef4a0ce8ef4a0ce8da7f78b86a0f4f70cf7395bcc9f70bb8

Found 80 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-07-02 15:45

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447b671e3e93017925f7b55b159103e1f16

Found 18 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/js
/assets/lib
/assets/video
/components
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-03-24 10:52

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: id-apac.smile-view.com
Port: 80
URL: http://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 11:32
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f8694d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 11:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d49f985

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 18:47

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 19:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a0887d23

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 21:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775166133e47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-20 23:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510a73140f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-18 23:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517ab88e5d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 20:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bb731621

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-14 12:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775136c4e8d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-11 08:28

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b6829855

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511d5eb585

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517df48faf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775113916a25

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb89c12b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514976886d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e354736b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751505b7165

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:17

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e32edcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20e95b6dd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : skip=0 total=47 limit=100
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2c1e0f379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : total=34 limit=100 skip=0
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.humanshine.com
Port: 443
URL: https://api.humanshine.com

First seen 2025-11-23 02:01
Last seen 2026-01-02 11:10
Open for 40 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387fdf86dc970ed4f371bb50274d3b0e2d39638ba

GraphQL introspection enabled at /graphql
Types: 204 (by kind: ENUM: 26, INPUT_OBJECT: 4, INTERFACE: 8, OBJECT: 158, SCALAR: 8)
Operations:
- Query: Query | fields: annualLeaveSummaries, companies, defaultNotificationSettings, departments, documents
- Mutation: Mutation | fields: acceptInvite, approveLeaveRequest, bulkImport, calculateDaysOff, createCompany
- Subscription: Subscription | fields: birthdayComingIn, documentShared, finishingIn, leaveRequestApproved, leaveRequestCreated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 11:10

221.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: 126000-0617-4242-0001.production.h.bitsof.love
Port: 80
URL: http://126000-0617-4242-0001.production.h.bitsof.love

First seen 2025-10-20 01:06
Last seen 2026-01-02 11:10
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fd691b9a9a0e940a1eba54cc3ae5cfe16783ba01

GraphQL introspection enabled at /graphql
Types: 131 (by kind: ENUM: 11, INPUT_OBJECT: 4, INTERFACE: 4, OBJECT: 101, SCALAR: 9, UNION: 2)
Operations:
- Query: Query | fields: businessMatchdayPage, businessMatchdayPageArrangement, clubbruggeTeam, primaryClubbruggeTeam, primaryContentPage
Directives: cacheControl, deprecated, fallback, fromField, include, mongooseForeignReference, optimizedImage, responsiveImage, serviceIdToInt, skip (total: 11)

Readable stores: 0

Found on 2026-01-02 11:10

143.9 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: tw-apac.smile-view.com
Port: 443
URL: https://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2026-01-02 11:07
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519bc36ae5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 11:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb24bd4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 20:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751011dc253

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-25 02:56

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bc71b4a5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 02:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a627db11

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 20:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b45f4d05

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 01:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ffa51131

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 19:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751087e4bf3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-14 14:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d31349b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 12:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 13:49

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-10 07:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:23

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775145338651

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-05 14:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fcfc3fcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516b050639

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d981a385

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e3fee20f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd6347b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514c86072f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:18

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e8c44b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2442097bf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e285730aad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29a71c85d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: sta-logistik-api.saubermacher.at
Port: 443
URL: https://sta-logistik-api.saubermacher.at

First seen 2025-12-07 01:25
Last seen 2026-01-02 11:04
Open for 26 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ce1800f1953c107399f0c342c51119f722e3424f
```
GraphQL introspection enabled at /graphql
Types: 35 (by kind: ENUM: 4, OBJECT: 25, SCALAR: 6)
Operations:
- Query: Query | fields: me, order, user, users, version
- Mutation: Mutation | fields: createUser, deleteUser, logout, signin, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 11:04
  
  65.5 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: ios-ui-tests.comgy-testing.club
Port: 443
URL: https://ios-ui-tests.comgy-testing.club

First seen 2025-11-19 00:02
Last seen 2026-01-02 10:59
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 10:59

123.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: backend-production.guidable.com
Port: 80
URL: http://backend-production.guidable.com

First seen 2025-11-24 01:27
Last seen 2026-01-02 10:47
Open for 39 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365ebb7bca8f19d80b7e19fb2fa4183646b57b837

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 12, INPUT_OBJECT: 49, OBJECT: 60, SCALAR: 6)
Operations:
- Query: Query | fields: applicationSettings, groupSharing, storyEvaluation, tourReview, user
- Mutation: Mutation | fields: auth, groupSharing, storyEvaluation, user, userTour
- Subscription: Subscription | fields: groupSharingChanged, storyCreationRequestUpdated, supportedAppVersionChanged, tourCreationRequestUpdated, transactionCreated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 10:47

104.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brfeken.cpms46.se
Port: 443
URL: https://brfeken.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 10:42
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:42
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: obchod.stokrle.cz
Port: 443
URL: https://obchod.stokrle.cz

First seen 2025-10-19 22:29
Last seen 2026-01-02 10:35
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ad723d1d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1242
orders (args: optional/default) : totalCount=1331
returns (args: optional/default) : totalCount=54
orderCounts (args: none) : pendingCount=6 readyCount=1

Found on 2026-01-02 10:35

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59565cb1775

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1232
orders (args: optional/default) : totalCount=1317
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=0

Found on 2025-12-26 16:38

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ed97c5be

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1227
orders (args: optional/default) : totalCount=1311
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=5 readyCount=0

Found on 2025-12-21 05:59

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59580c0af5e

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1212
orders (args: optional/default) : totalCount=1296
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : readyCount=6 pendingCount=3

Found on 2025-12-19 03:34

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951af2234d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1192
orders (args: optional/default) : totalCount=1271
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=3

Found on 2025-12-16 20:24

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957aa9f08c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1163
orders (args: optional/default) : totalCount=1233
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=11

Found on 2025-12-14 09:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59582cae19c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1160
orders (args: optional/default) : totalCount=1230
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=8

Found on 2025-12-13 16:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5950005125d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1049
orders (args: optional/default) : totalCount=1101
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=5

Found on 2025-12-01 18:04

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5955139a5cd

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1033
orders (args: optional/default) : totalCount=1084
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-11-29 10:11

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953426fb17

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1028
orders (args: optional/default) : totalCount=1079
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=13

Found on 2025-11-27 06:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595c1b2ce33

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=20

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9e5ab79

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=20 pendingCount=2

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f99fef75

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1008
orders (args: optional/default) : totalCount=1073
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=13

Found on 2025-11-23 07:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595d0a703c3

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1001
orders (args: optional/default) : totalCount=1065
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=7

Found on 2025-11-21 13:19

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957bad3f71

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=988
orders (args: optional/default) : totalCount=1050
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-16 20:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953a7768b2

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=981
orders (args: optional/default) : totalCount=1043
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-14 21:22

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595119bdc9b

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=972
orders (args: optional/default) : totalCount=1031
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=10

Found on 2025-11-12 15:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc23607d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=967
orders (args: optional/default) : totalCount=1025
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=4

Found on 2025-11-10 18:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc179252

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=962
orders (args: optional/default) : totalCount=1020
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=5

Found on 2025-11-08 15:03

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59557758efe

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=958
orders (args: optional/default) : totalCount=1016
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-07 06:01

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5958d91a35c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=954
orders (args: optional/default) : totalCount=1012
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-05 13:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5952193e121

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=953
orders (args: optional/default) : totalCount=1011
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-03 10:06

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951c2bdb88

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=951
orders (args: optional/default) : totalCount=1009
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-02 05:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5956f3571b4

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=943
orders (args: optional/default) : totalCount=1001
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-29 08:58

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595909f1896

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=999
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-26 11:05

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fb80c7b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=998
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-24 10:25

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59579b1d7a8

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=939
orders (args: optional/default) : totalCount=994
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-22 11:40

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9ecd561

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=8

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brfsorunda.cpms46.se
Port: 443
URL: https://brfsorunda.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 10:24
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:24
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: staging.api.issassetmanager.se
Port: 80
URL: http://staging.api.issassetmanager.se

First seen 2025-11-22 01:43
Last seen 2026-01-02 10:20
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3928379fbcfaf8bf9a8190b48b897e626332e65f0
```
GraphQL introspection enabled at /graphql
Types: 93 (by kind: ENUM: 4, INPUT_OBJECT: 50, OBJECT: 33, SCALAR: 6)
Operations:
- Query: Query | fields: building, companies, company, project, projects
- Mutation: Mutation | fields: createCompany, createProject, deleteCompany, updateCompany, updateProject
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 10:20
  
  105.5 kBytes
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: services.conf.app
Port: 80
URL: http://services.conf.app

First seen 2025-11-10 01:31
Last seen 2026-01-02 10:14
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb4ecbe7188a2e00678d0f3af53a9374e5b75f1ac21

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
DELETE /account/payment-method/{id}
GET /account
GET /account/invoices
GET /account/user
GET /account/user/{id}/email
GET /conf-customer-plans
GET /conf/{id}/export-rooms
GET /conf/{id}/export-session-registrations
GET /conf/{id}/export-sessions
GET /conf/{id}/export-speakers
GET /currency
GET /plans
GET /session/{id}/export-registrations
GET /subscription
POST /account/check-email
POST /account/verification-email
POST /check-urls
POST /conf-checkout
POST /conf/{id}/import-rooms
POST /conf/{id}/import-sessions
POST /conf/{id}/import-speakers
POST /notifications
POST /notifications/send-many
POST /notifications/send-one
POST /subscription/webhook
POST /webhooks
PUT /account/gclid
PUT /account/preferences

Found on 2026-01-02 10:14

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: minparkering.falup.se
Port: 443
URL: https://minparkering.falup.se

First seen 2025-11-30 00:52
Last seen 2026-01-02 10:06
Open for 33 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:06
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: calc.timeline.co
Port: 80
URL: http://calc.timeline.co

First seen 2025-11-30 00:51
Last seen 2026-01-02 10:06
Open for 33 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e35094065277ac6469656c169f3ad8f4ff06d8f4ff06
```
GraphQL introspection enabled at /api
Types: 76 (by kind: ENUM: 20, INPUT_OBJECT: 14, OBJECT: 32, SCALAR: 10)
Operations:
- Query: Query | fields: inheritanceTax, simulationResults, sustainableSpending
Directives: include, skip (total: 2)
```
  Found on 2026-01-02 10:06
  
  85.0 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api-v2.cliqup.co
Port: 80
URL: http://api-v2.cliqup.co

First seen 2025-10-25 00:10
Last seen 2026-01-02 09:46
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d728eb71c84b33f3c1156526e05ccea1cbda903e

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 18, INPUT_OBJECT: 26, OBJECT: 55, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2026-01-02 09:46

174.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa368d1bcd6a414ab06220a0f93efd1e912316d104b

GraphQL introspection enabled at /graphql
Types: 78 (by kind: ENUM: 6, INPUT_OBJECT: 19, OBJECT: 46, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-18 07:36

138.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3070cbe5c496d60e05a7853a17318dab42294d9b5

GraphQL introspection enabled at /graphql
Types: 72 (by kind: ENUM: 5, INPUT_OBJECT: 17, OBJECT: 43, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-16 05:35

130.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a394c5be77d6446e8f6bf36baf3330ba13d43263

GraphQL introspection enabled at /graphql
Types: 62 (by kind: ENUM: 4, INPUT_OBJECT: 15, OBJECT: 37, SCALAR: 6)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-30 15:47

115.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36b18b95cf4b909e029799ca1868bb5b47a49cab5

GraphQL introspection enabled at /graphql
Types: 61 (by kind: ENUM: 4, INPUT_OBJECT: 15, OBJECT: 36, SCALAR: 6)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-26 12:15

113.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c3199e49228e84eb7c5db4aee36d86799ef8b8e6

GraphQL introspection enabled at /graphql
Types: 59 (by kind: ENUM: 4, INPUT_OBJECT: 14, OBJECT: 36, SCALAR: 5)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-22 14:09

110.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa332d0c2731518cff1f29b4db0897b433f9a078744

GraphQL introspection enabled at /graphql
Types: 58 (by kind: ENUM: 4, INPUT_OBJECT: 14, OBJECT: 35, SCALAR: 5)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-03 01:17

109.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: staging.park46.se
Port: 443
URL: https://staging.park46.se

First seen 2025-11-17 00:14
Last seen 2026-01-02 09:29
Open for 46 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 09:29
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.lasostenibilitaconta.it
Port: 80
URL: http://www.lasostenibilitaconta.it

First seen 2025-10-22 00:35
Last seen 2026-01-02 08:56
Open for 72 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c89640614e3a46a3456c2d30dd3769f7aef13d4b
```
GraphQL introspection enabled at /graphql
Types: 22 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 13, SCALAR: 6)
Operations:
- Query: Query | fields: getAuthLvl, getCompanies, getConsts, getLook, getProcesses
- Mutation: Mutation | fields: addCompany, addProcess, createUser, editCompany, removeCompany
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 08:56
  
  32.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: selectapi.orientalweavers.com
Port: 80
URL: http://selectapi.orientalweavers.com

First seen 2025-12-05 01:08
Last seen 2026-01-02 08:50
Open for 28 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39c2ed9c86f2d406c21cf596041104d470aa66e7b
```
GraphQL introspection enabled at /graphql
Types: 123 (by kind: ENUM: 6, INPUT_OBJECT: 13, INTERFACE: 1, OBJECT: 97, SCALAR: 6)
Operations:
- Query: Query | fields: allPatches, allSampleCodes, allSkuCodes, allSkus, ordersByUser
- Mutation: Mutation | fields: createOrder, createPresignedUrls, deletePresignedUrls, updateSku, uploadSku
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 08:50
  
  166.0 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.raceflow.in
Port: 443
URL: https://www.raceflow.in

First seen 2024-12-27 00:10
Last seen 2026-01-02 08:50
Open for 371 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 08:50
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: packaging.bonfluencer.com
Port: 443
URL: https://packaging.bonfluencer.com

First seen 2025-09-08 15:07
Last seen 2026-01-02 08:42
Open for 115 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3af247253af247250afce8cdeb84548d01c0a61abd0f7437
```
Found 9 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/robots.txt
/videos
/videos/welcome_video_big.mp4
```
  Found on 2026-01-02 08:42
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.thomas-p.com
Port: 443
URL: https://www.thomas-p.com

First seen 2025-08-06 16:29
Last seen 2026-01-02 08:42
Open for 148 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 08:42
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d19819188198191881981918819819188
```
Found 1 files trough .DS_Store spidering:

/cligno.gif
```
  Found on 2025-08-06 16:29
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: smartpark.park46.se
Port: 443
URL: https://smartpark.park46.se

First seen 2025-11-29 00:55
Last seen 2026-01-02 08:31
Open for 34 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 08:31
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: beta.polizeiticker.ch
Port: 443
URL: https://beta.polizeiticker.ch

First seen 2025-11-21 02:09
Last seen 2026-01-02 08:24
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 08:24
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.heroku.zigned.se
Port: 443
URL: https://api.heroku.zigned.se

First seen 2025-11-14 03:14
Last seen 2026-01-02 08:17
Open for 49 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ee6fa6d9866f42bbb83cac51f32be31ecde1994a
```
GraphQL introspection enabled at /graphql
Types: 291 (by kind: ENUM: 40, INPUT_OBJECT: 61, OBJECT: 180, SCALAR: 10)
Operations:
- Query: Query | fields: agreement, agreementEvents, getAgreementAuthor, getTeamAgreementByPublicId, me
- Mutation: Mutation | fields: bankId, otp, teams, truid, zealId
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 08:17
  
  272.4 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.promotifyai.com
Port: 80
URL: http://api.promotifyai.com

First seen 2025-11-27 00:38
Last seen 2026-01-02 07:56
Open for 36 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-02 07:56
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: logistik-api.saubermacher.at
Port: 443
URL: https://logistik-api.saubermacher.at

First seen 2025-11-07 01:06
Last seen 2026-01-02 07:56
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ce1800f1953c107399f0c342c51119f722e3424f
```
GraphQL introspection enabled at /graphql
Types: 35 (by kind: ENUM: 4, OBJECT: 25, SCALAR: 6)
Operations:
- Query: Query | fields: me, order, user, users, version
- Mutation: Mutation | fields: createUser, deleteUser, logout, signin, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:56
  
  65.5 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dev.squeeze.cz
Port: 443
URL: https://dev.squeeze.cz

First seen 2025-12-11 01:06
Last seen 2026-01-02 07:48
Open for 22 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d4459a17ac6d9ec5b7b5fbebb56dbec8b56dbec8
```
GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 6, OBJECT: 11, SCALAR: 4)
Operations:
- Query: Query | fields: gameDisplay
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)
```
  Found on 2026-01-02 07:48
  
  21.0 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dev.cms.catalog.lear.com
Port: 443
URL: https://dev.cms.catalog.lear.com

First seen 2025-11-24 04:16
Last seen 2026-01-02 07:40
Open for 39 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374f66b2b0e52ab695274e894cff13c2a5d56a49c

GraphQL introspection enabled at /graphql
Types: 493 (by kind: ENUM: 18, INPUT_OBJECT: 143, OBJECT: 317, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 07:40

653.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b3563397d505a745ea8f65d08adf3b16f1f364c0

GraphQL introspection enabled at /graphql
Types: 492 (by kind: ENUM: 17, INPUT_OBJECT: 143, OBJECT: 317, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-16 17:47

651.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: svenskabostader.park46.se
Port: 443
URL: https://svenskabostader.park46.se

First seen 2025-11-24 04:26
Last seen 2026-01-02 07:40
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:40
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.asapdevlab.com
Port: 80
URL: http://api.asapdevlab.com

First seen 2025-10-24 00:52
Last seen 2026-01-02 07:20
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
Found on 2026-01-02 07:20

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d662fa7cdc7992206000b6e4fedb30877b34f3f063

GraphQL introspection enabled at /api/graphql
Types: 766 (by kind: ENUM: 42, INPUT_OBJECT: 582, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-12-01 05:57

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d64e72dbecf5c82170347f380e0775264b77300533

GraphQL introspection enabled at /api/graphql
Types: 765 (by kind: ENUM: 42, INPUT_OBJECT: 581, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-16 17:10

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6abc3079984df16fbe6313da7b5b7b12c9cc49062

GraphQL introspection enabled at /api/graphql
Types: 762 (by kind: ENUM: 42, INPUT_OBJECT: 580, OBJECT: 129, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-10 20:40

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6f5d90a751f3661777f65e9db7826f4b895dc28de

GraphQL introspection enabled at /api/graphql
Types: 676 (by kind: ENUM: 33, INPUT_OBJECT: 512, OBJECT: 120, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-10-27 08:39

1.3 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6f5d90a751f3661777f65e9db7826f4b80110d52a

GraphQL introspection enabled at /api/graphql
Types: 676 (by kind: ENUM: 33, INPUT_OBJECT: 512, OBJECT: 120, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-24 00:52

1.3 MBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: smartroute.io
Port: 80
URL: http://smartroute.io

First seen 2025-11-22 00:05
Last seen 2026-01-02 07:12
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa363034660c6076ae4ff1c06dd195a0af7cf7fc8c7
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 10, SCALAR: 6)
Operations:
- Query: Query | fields: vehicleByImei
- Mutation: Mutation | fields: createTracker
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 07:12
  
  22.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: ksa-lookups-api.ayamedica.com
Port: 443
URL: https://ksa-lookups-api.ayamedica.com

First seen 2025-10-19 22:09
Last seen 2026-01-02 07:06
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c838013e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 07:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-30 09:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec232f711b6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22507d28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 09:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f7e44c2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 11:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea4be6de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 05:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2581a596a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2650de28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec237b4469c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b5a1e7fc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 18:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d0bdec44

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 16:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c08956d6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a2780bfc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-06 06:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fd00e2ec

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 20:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-28 15:05

77.1 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6fd17a7

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-11-26 18:49

77.1 kBytes

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fa63432a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-23 05:09

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 10:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20215298e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-18 09:42

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ad0393be

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a24cec90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-12 15:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22f091b90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 14:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2804a94ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 13:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2343dc23e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-07 02:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23adaff88

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 12:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26cec10ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-01 03:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29cd38086

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-30 20:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c50d87d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 11:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a6c84f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 05:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28385e7ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-24 06:13

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec256367398

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec281699c3c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2dba6f438

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2038456eb

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 18)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:09

77.4 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 15.197.129.158
Domain: brannkorpset.com
Port: 443
URL: https://brannkorpset.com

First seen 2025-02-15 20:59
Last seen 2026-01-02 06:34
Open for 320 days

Severity: medium
Fingerprint: 5f32cf5d6962f09cd4047824d4047824b5b9e0ea89d882d836c8407353fe4390

Found 35 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon.png
/icon.svg
/images
/images/album_generic.jpeg
/images/background_color.jpg
/images/background_wide.jpg
/images/bg-bubplastic-button.gif
/images/bg-bubplastic-h-blue.gif
/images/bg-bubplastic-h-gray.gif
/images/bg-bubplastic-h-lime.gif
/images/bg-bubplastic-h-red.gif
/images/bg-bubplastic.gif
/images/bjorn_sebak.jpg
/images/gunnar_thorstensen.jpg
/images/header_image.jpg
/images/header_image.psd
/images/header_image3.png
/images/header_image_transp.png
/images/icons
/images/jan_ytrearne.jpg
/images/kenneth.jpg
/images/photo_placeholder.jpg
/images/placeholder.jpg
/images/plakat_konsert_2011.png
/images/progressbar.gif
/images/rails.png
/images/svein_teigland.jpg
/images/tor_bjorkaas.jpg
/images/torkjell_helle.jpg
/robots.txt

Found on 2026-01-02 06:34

Severity: low
Fingerprint: 5f32cf5d6962f09c3af247253af24725306252999186d6d1f2d2d52c81dce637

Found 9 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon.png
/icon.svg
/images
/robots.txt

Found on 2025-06-16 01:26

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2025-02-18 01:36

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: bruks.cpms46.se
Port: 443
URL: https://bruks.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 06:23
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 06:23
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: upark.uppsalaparkering.se
Port: 443
URL: https://upark.uppsalaparkering.se

First seen 2025-12-08 00:19
Last seen 2026-01-02 06:02
Open for 25 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 06:02
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: ksa-lookups-api.ayamedica.com
Port: 80
URL: http://ksa-lookups-api.ayamedica.com

First seen 2025-10-21 19:52
Last seen 2026-01-02 06:01
Open for 72 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c166e99a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2026-01-02 06:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec294407b00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 23:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22bd618bc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-25 00:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2961cdb7e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 21:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2580352fe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e62569aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b3130b2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 13:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25dd9eca4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-18 10:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 05:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bc6ac904

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-14 03:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21a1f3f7a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 11:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-10 17:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea689494

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-08 03:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec218b01c60

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 14:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b65ad688

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 18:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb1ada9c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-22 19:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 01:47

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec296dab77c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 14:40

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 16:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28d95ace2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 23:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b71a430c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 20:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-07 04:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2011a5b0e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24c3ffa00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 05:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 18:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c53b7298

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 12:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b460b5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28cbea418

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26da55d84

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb14d296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.swipy.pro
Port: 443
URL: https://api.swipy.pro

First seen 2025-10-19 21:47
Last seen 2026-01-02 06:01
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19746d6bdd

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2026-01-02 06:01

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19b3af2f85

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-26 23:02

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19ade1c07f

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-25 00:24

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19f59637e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-22 21:04

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f191c710113

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19cabc88fb

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19c8edee7d

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f199a855f51

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19324b40e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false

Found on 2025-10-19 21:47

234.8 kBytes 27 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: my-api.venyou.no
Port: 443
URL: https://my-api.venyou.no

First seen 2025-11-30 00:11
Last seen 2026-01-02 05:33
Open for 33 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-02 05:33

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-30 00:11

512.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: checkout.staging.raylo.com
Port: 443
URL: https://checkout.staging.raylo.com

First seen 2025-11-11 00:37
Last seen 2026-01-02 05:14
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa378bf11805a19774415ce114d43bedcb43e2294d4

GraphQL introspection enabled at /graphql
Types: 257 (by kind: ENUM: 36, INPUT_OBJECT: 39, INTERFACE: 6, OBJECT: 167, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: acceptableData, cancelOrderReasonTypes, cancelSubscriptionReasonTypes, checkout, checkoutDecisionReport
- Mutation: Mutation | fields: authenticateClient, cancelCheckout, cancelInsuranceClaim, cancelOrder, cancelSubscriptionTermination
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 05:14

325.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3701c1fda00cb9acab9ef5d83accdd3b63e4f5f52

GraphQL introspection enabled at /graphql
Types: 242 (by kind: ENUM: 36, INPUT_OBJECT: 25, INTERFACE: 6, OBJECT: 166, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: acceptableData, cancelOrderReasonTypes, cancelSubscriptionReasonTypes, checkout, checkoutDecisionReport
- Mutation: Mutation | fields: authenticateClient, cancelCheckout, cancelInsuranceClaim, cancelOrder, cancelSubscriptionTermination
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-14 11:29

313.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35183e07ec76bceae4e7d9467f71037988727bab8

GraphQL introspection enabled at /graphql
Types: 241 (by kind: ENUM: 36, INPUT_OBJECT: 25, INTERFACE: 6, OBJECT: 165, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: acceptableData, cancelOrderReasonTypes, cancelSubscriptionReasonTypes, checkout, checkoutDecisionReport
- Mutation: Mutation | fields: authenticateClient, cancelCheckout, cancelOrder, cancelSubscriptionTermination, changeSubscriptionPaymentSchedule
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-12 23:02

312.8 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: beraten-aus-daten.de
Port: 443
URL: https://beraten-aus-daten.de

First seen 2025-10-20 00:57
Last seen 2026-01-02 05:12
Open for 74 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa34ece4d900a61065440eb28769c198e530ebac5bf
```
GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 11, SCALAR: 5)
Operations:
- Query: Query | fields: sdpReportStatistics, sdpReports
- Mutation: Mutation | fields: addAppUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0
```
  Found on 2026-01-02 05:12
  
  24.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dev.api.roomismo.com
Port: 443
URL: https://dev.api.roomismo.com

First seen 2025-12-11 00:16
Last seen 2026-01-02 04:56
Open for 22 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3cf17fbff052b96cdc3930da844060f6362f0638b

GraphQL introspection enabled at /graphql
Types: 526 (by kind: ENUM: 137, INPUT_OBJECT: 146, OBJECT: 230, SCALAR: 10, UNION: 3)
Operations:
- Query: Query | fields: agencies, amenities, amenity, availability, availableRooms
- Mutation: Mutation | fields: addAADETransactionOrInvoice, addAgency, addAmenity, addCancellationPolicy, addChat
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 04:56

987.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36dc01cf8e0a3aa1c8fe9f6c34631b0c2f659789e

GraphQL introspection enabled at /graphql
Types: 522 (by kind: ENUM: 137, INPUT_OBJECT: 144, OBJECT: 228, SCALAR: 10, UNION: 3)
Operations:
- Query: Query | fields: agencies, amenities, amenity, availability, availableRooms
- Mutation: Mutation | fields: addAADETransactionOrInvoice, addAgency, addAmenity, addCancellationPolicy, addChat
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-11 00:16

979.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: production.api.ng.tourlina.com
Port: 443
URL: https://production.api.ng.tourlina.com

First seen 2025-10-25 00:39
Last seen 2026-01-02 04:41
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa346c1d3df8181c3ed04ac53202e509127a2fef7ff

GraphQL introspection enabled at /graphql
Types: 152 (by kind: ENUM: 10, INPUT_OBJECT: 35, INTERFACE: 3, OBJECT: 93, SCALAR: 7, UNION: 4)
Operations:
- Query: Query | fields: destinations, discover, discoverSearch, events, features
- Mutation: Mutation | fields: acceptFriendRequest, attachAccountVerificationPhoto, attachUserPhoto, blockUser, confirmVerification
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 04:41

180.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.zigned.io
Port: 443
URL: https://api.zigned.io

First seen 2025-11-14 02:53
Last seen 2026-01-02 04:21
Open for 49 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ee6fa6d9866f42bbb83cac51f32be31ecde1994a
```
GraphQL introspection enabled at /graphql
Types: 291 (by kind: ENUM: 40, INPUT_OBJECT: 61, OBJECT: 180, SCALAR: 10)
Operations:
- Query: Query | fields: agreement, agreementEvents, getAgreementAuthor, getTeamAgreementByPublicId, me
- Mutation: Mutation | fields: bankId, otp, teams, truid, zealId
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 04:21
  
  272.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: revest.it
Port: 443
URL: https://revest.it

First seen 2025-11-16 00:14
Last seen 2026-01-02 04:21
Open for 47 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db59139cb99

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2508 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2026-01-02 04:21

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5d2bca6c0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db518fcb704

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:08

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-24 06:44

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-22 08:06

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-20 09:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-18 10:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b97398ab

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-12 12:11

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5f55aa349

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b66a4473

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5ee7a2fcf

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-02 05:45

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5296e91b0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db513afe29e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:38

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 13:26

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db567af57b7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: cms.leendersfietsen.nl
Port: 443
URL: https://cms.leendersfietsen.nl

First seen 2025-12-07 00:45
Last seen 2026-01-02 04:17
Open for 26 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e35084e0e35084e0e35084e0e35084e0e35084e0e350
```
GraphQL introspection enabled at /api
```
  Found on 2026-01-02 04:17
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.crowdfundinghub.dk
Port: 443
URL: https://www.crowdfundinghub.dk

First seen 2025-10-17 19:35
Last seen 2026-01-02 04:06
Open for 76 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 04:06
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c42ef4a6565d38d63e30e713e6ce51b23e9f2d22
```
GraphQL introspection enabled at /graphql
Types: 543 (by kind: ENUM: 64, INPUT_OBJECT: 70, INTERFACE: 1, OBJECT: 318, SCALAR: 11, UNION: 79)
Operations:
- Query: Query | fields: fields, me, openLoanQuotes, publicContent, secondaryMarketListings
- Mutation: Mutation | fields: mutateExternalFile, mutateFields, mutateForumPost, mutateProject, mutateShare
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-01 08:41
  
  2.8 MBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: new.duocards.com
Port: 443
URL: https://new.duocards.com

First seen 2025-10-17 00:31
Last seen 2026-01-02 03:59
Open for 77 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 03:59

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-14 08:42

166.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dev-api.huntingapp.eu
Port: 443
URL: https://dev-api.huntingapp.eu

First seen 2025-12-04 00:34
Last seen 2026-01-02 03:52
Open for 29 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa32583e0a5f45ea9a7a5b386a2159d0ca8961b4f55

GraphQL introspection enabled at /graphql
Types: 87 (by kind: ENUM: 8, INPUT_OBJECT: 32, OBJECT: 38, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: hunt, huntTemplate, huntTemplates, hunts, location
- Mutation: Mutation | fields: addHuntUser, addLocation, huntCreate, huntRemove, huntTemplateCreate
- Subscription: Subscription | fields: addedLocation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 03:52

107.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: kleinplan.ch
Port: 443
URL: https://kleinplan.ch

First seen 2025-11-16 00:54
Last seen 2026-01-02 02:38
Open for 47 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e3505c719384426908c8ad65c2f2ecfd40ff48ccecc3
```
GraphQL introspection enabled at /api
Types: 23 (by kind: ENUM: 1, INPUT_OBJECT: 2, OBJECT: 14, SCALAR: 6)
Operations:
- Query: RootQueryType | fields: happenings, happy, whoami
- Mutation: RootMutationType | fields: authorize, createAssignment, createHappening, createNeed, createUser
Directives: include, skip (total: 2)
```
  Found on 2026-01-02 02:38
  
  27.6 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: uat.api.falschparker.io
Port: 443
URL: https://uat.api.falschparker.io

First seen 2025-10-29 01:08
Last seen 2026-01-02 02:36
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 02:36

168.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-14 13:56

171.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.mtnstaffpredictor.com
Port: 443
URL: https://www.mtnstaffpredictor.com

First seen 2025-10-22 00:24
Last seen 2026-01-02 02:32
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a022fb7aa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2026-01-02 02:32

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a6478b15e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-30 10:56

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a0ce3cefe

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-26 05:58

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ad0af8536

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-22 23:12

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ada28fdc2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a97efce4e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-18 17:44

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aa9305f6a

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-16 12:53

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aedf969ca

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-13 08:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a497764fa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-08 07:57

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ae53ae9be

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-01 04:46

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aeed92092

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-11-27 07:11

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aece152a6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-21 05:33

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a2e4ff3d0

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-12 11:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ab809fd72

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-11-06 22:37

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5abf823ac6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-10-24 07:21

25.6 kBytes 9 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: id-apac.smile-view.com
Port: 443
URL: https://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 02:30
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ade27b79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 02:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-27 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-25 04:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775122d73e19

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-23 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160671989

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751271b66ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 02:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b2f1c1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6692e77

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f7fc4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 21:26

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d06b5a51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751542f3665

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 19:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517998166d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115658f21

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515eec5bdb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 10:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751deff218d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 18:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:54

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513b6d56c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 10:22

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25e3313e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-18 06:27

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25f9ecef9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-16 21:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2521fec4b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2922e7af9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2855a9107

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b06c8689

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.innogate.fi
Port: 80
URL: http://www.innogate.fi

First seen 2025-04-24 10:20
Last seen 2026-01-02 02:26
Open for 252 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 02:26
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: hakanssonsagblad.cpms46.se
Port: 443
URL: https://hakanssonsagblad.cpms46.se

First seen 2025-11-11 06:52
Last seen 2026-01-02 02:24
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 02:24
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: fillit.com
Port: 443
URL: https://fillit.com

First seen 2025-11-10 01:01
Last seen 2026-01-02 01:39
Open for 53 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa314dad5538f763d11fd3f9f076610301a2249f3e6

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 2, INPUT_OBJECT: 2, OBJECT: 34, SCALAR: 6)
Operations:
- Query: Query | fields: amenities, amenitiesByOrganisation, cartBookings, getUser, listing
- Mutation: Mutation | fields: createBooking, deleteBooking
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 01:39

71.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa314dad5538f763d11a67dd9160e730fc975580cf5

GraphQL introspection enabled at /graphql
Types: 44 (by kind: ENUM: 2, INPUT_OBJECT: 2, OBJECT: 34, SCALAR: 6)
Operations:
- Query: Query | fields: amenities, cartBookings, getUser, listing, listingGroup
- Mutation: Mutation | fields: createBooking, deleteBooking
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 05:47

67.8 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: alectaparkering.park46.se
Port: 443
URL: https://alectaparkering.park46.se

First seen 2025-11-12 03:03
Last seen 2026-01-02 01:37
Open for 50 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:37
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: infoticker.ch
Port: 80
URL: http://infoticker.ch

First seen 2025-11-08 00:23
Last seen 2026-01-02 01:36
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:36
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: portal.gavleparkering.se
Port: 443
URL: https://portal.gavleparkering.se

First seen 2025-10-30 00:20
Last seen 2026-01-02 01:28
Open for 64 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:28
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: brftakterrassen.cpms46.se
Port: 443
URL: https://brftakterrassen.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 00:50
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 00:50
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.payvo.gr
Port: 443
URL: https://api.payvo.gr

First seen 2025-10-21 00:11
Last seen 2026-01-02 00:43
Open for 73 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa327405247877e9d7581d75e17729642df16d6a847

GraphQL introspection enabled at /graphql
Types: 111 (by kind: ENUM: 20, INPUT_OBJECT: 37, OBJECT: 49, SCALAR: 5)
Operations:
- Query: Query | fields: AADEInvoice, AADEInvoices, business, businesses, transactions
- Mutation: Mutation | fields: addAADEInvoice, addBusiness, addTransaction, initiatePOSPayment, initiatePOSinvoice
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 00:43

132.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c4a2f7e9d023cccb352115d9890cf899067e2605

GraphQL introspection enabled at /graphql
Types: 108 (by kind: ENUM: 19, INPUT_OBJECT: 36, OBJECT: 48, SCALAR: 5)
Operations:
- Query: Query | fields: AADEInvoice, AADEInvoices, business, businesses, transactions
- Mutation: Mutation | fields: addAADEInvoice, addBusiness, addTransaction, initiatePOSPayment, initiatePOSinvoice
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-08 03:13

129.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa362f03646512655b6d36fd23e5a9df5ff43bd08f3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 35, INPUT_OBJECT: 31, OBJECT: 54, SCALAR: 7)
Operations:
- Query: Query | fields: AADEInvoice, AADEInvoices, business, businesses, companyDetails
- Mutation: Mutation | fields: addAADEInvoice, addBusiness, addContact, addError, addOffering
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-30 15:07

155.2 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: backend-staging.guidable.com
Port: 443
URL: https://backend-staging.guidable.com

First seen 2025-11-24 01:26
Last seen 2026-01-02 00:37
Open for 38 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365ebb7bca8f19d80b7e19fb2fa4183646b57b837

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 12, INPUT_OBJECT: 49, OBJECT: 60, SCALAR: 6)
Operations:
- Query: Query | fields: applicationSettings, groupSharing, storyEvaluation, tourReview, user
- Mutation: Mutation | fields: auth, groupSharing, storyEvaluation, user, userTour
- Subscription: Subscription | fields: groupSharingChanged, storyCreationRequestUpdated, supportedAppVersionChanged, tourCreationRequestUpdated, transactionCreated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 00:37

104.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: core-tmp.payoutpartner.com
Port: 443
URL: https://core-tmp.payoutpartner.com

First seen 2025-12-01 00:49
Last seen 2026-01-01 23:57
Open for 31 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3943ac6615745c8a34b683b799a3b83ad27731945
```
GraphQL introspection enabled at /graphql
Types: 475 (by kind: ENUM: 52, INPUT_OBJECT: 190, INTERFACE: 3, OBJECT: 224, SCALAR: 6)
Operations:
- Query: Query | fields: checkSlug, clients, companies, company, crcPurposes
- Mutation: Mutation | fields: addAccountMember, approveEnrollment, approveJobApplication, archiveClient, archiveDocuments
Directives: deprecated, include, oneOf, skip (total: 4)
```
  Found on 2026-01-01 23:57
  
  535.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-12-01 00:49
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: qa.core.manymore.com
Port: 443
URL: https://qa.core.manymore.com

First seen 2025-11-16 00:34
Last seen 2026-01-01 22:41
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fff1b62df954f68f8c0f2781472ed938a0628998

GraphQL introspection enabled at /graphql
Types: 424 (by kind: ENUM: 44, INPUT_OBJECT: 178, INTERFACE: 1, OBJECT: 195, SCALAR: 6)
Operations:
- Query: Query | fields: checkSlug, companies, company, crcPurposes, creditBundles
- Mutation: Mutation | fields: addAccountMember, addTfaPhoneNumber, archiveCheckLists, archiveDocuments, archivePeople
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-01 22:41

468.9 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.infoticker.ch
Port: 80
URL: http://www.infoticker.ch

First seen 2025-11-08 00:23
Last seen 2026-01-01 21:58
Open for 54 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b

GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)

Found on 2026-01-01 21:58

49.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2d0a6b6663a214216b68b1be7731863aa67bd0fdc

GraphQL introspection enabled at /graphql/api
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-24 15:04

49.4 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.falsch-parker.ch
Port: 80
URL: http://api.falsch-parker.ch

First seen 2025-10-29 01:08
Last seen 2026-01-01 21:11
Open for 64 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-01 21:11

167.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-16 17:06

171.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.falschparker.io
Port: 80
URL: http://api.falschparker.io

First seen 2025-10-29 01:08
Last seen 2026-01-01 21:11
Open for 64 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-01 21:11

168.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-16 19:01

171.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.dev.loop-aero.com
Port: 80
URL: http://api.dev.loop-aero.com

First seen 2025-12-01 00:59
Last seen 2026-01-01 19:46
Open for 31 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-01 19:46
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3af54412400a716a8db0d566e819396dbd8e14373
```
GraphQL introspection enabled at /graphql
Types: 1160 (by kind: ENUM: 25, INPUT_OBJECT: 954, OBJECT: 175, SCALAR: 6)
Operations:
- Query: Query | fields: airlineCompanies, airlineCompany, airlineStaff, airlineStaffs, airport
- Mutation: Mutation | fields: acknowledgeNotification, createFlight, createUserComment, createUserSearch, deleteUserComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 00:59
  
  1.7 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: platen.cpms46.se
Port: 443
URL: https://platen.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-01 19:38
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 19:38
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.macluj.ro
Port: 80
URL: http://www.macluj.ro

First seen 2025-07-23 00:02
Last seen 2026-01-01 19:35
Open for 162 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d516b4a56516b4a56516b4a56516b4a56
```
Found 1 files trough .DS_Store spidering:

/fonts
```
  Found on 2026-01-01 19:35
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: platzer.park46.se
Port: 443
URL: https://platzer.park46.se

First seen 2025-11-23 03:21
Last seen 2026-01-01 19:32
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 19:32
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.carte-des-medecins.com
Port: 80
URL: http://www.carte-des-medecins.com

First seen 2025-11-12 01:43
Last seen 2025-12-30 14:46
Open for 48 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3090d7083775abb81de3c66048c027276acefeb80
```
GraphQL introspection enabled at /graphql
Types: 23 (by kind: ENUM: 2, OBJECT: 17, SCALAR: 4)
Operations:
- Query: Query | fields: doctor, doctors, testField
- Mutation: Mutation | fields: testField
Directives: deprecated, include, oneOf, skip (total: 4)
```
  Found on 2025-12-30 14:46
  
  28.2 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-saguida.sulcisdrone.it
Port: 80
URL: http://api-saguida.sulcisdrone.it

First seen 2025-12-09 00:42
Last seen 2025-12-30 13:51
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2025-12-30 13:51
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: core.payoutpartner.com
Port: 443
URL: https://core.payoutpartner.com

First seen 2025-12-02 01:12
Last seen 2025-12-30 12:57
Open for 28 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3943ac6615745c8a34b683b799a3b83ad27731945
```
GraphQL introspection enabled at /graphql
Types: 475 (by kind: ENUM: 52, INPUT_OBJECT: 190, INTERFACE: 3, OBJECT: 224, SCALAR: 6)
Operations:
- Query: Query | fields: checkSlug, clients, companies, company, crcPurposes
- Mutation: Mutation | fields: addAccountMember, approveEnrollment, approveJobApplication, archiveClient, archiveDocuments
Directives: deprecated, include, oneOf, skip (total: 4)
```
  Found on 2025-12-30 12:57
  
  535.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: revest.it
Port: 80
URL: http://revest.it

First seen 2025-11-16 00:14
Last seen 2025-12-30 12:23
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 12:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:35

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-21 04:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-19 01:28

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57042e04a

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2503 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-14 07:03

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5363dbdb4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-13 04:47

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5cc47aba9

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db50a5cdc11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 01:39

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5920ed1a2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-29 01:49

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 14:56

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5259a2b84

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2482 totalPages=50 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-21 00:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b9eae3e1

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: clubhouse.rorypicko.com
Port: 80
URL: http://clubhouse.rorypicko.com

First seen 2025-11-24 04:25
Last seen 2025-12-30 12:22
Open for 36 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dc8140940c46f858cabfa265d0db5cc46b5a52bc
```
GraphQL introspection enabled at /graphql
Types: 284 (by kind: ENUM: 4, INPUT_OBJECT: 54, OBJECT: 214, SCALAR: 11, UNION: 1)
Operations:
- Query: Query | fields: game, games, gamesConnection, groupCode, groupCodes
- Mutation: Mutation | fields: createGame, createGroupCode, deleteGame, updateGame, updateGroupCode
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-30 12:22
  
  233.6 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: tw-apac.smile-view.com
Port: 80
URL: http://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2025-12-30 12:08
Open for 45 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751df0d4437

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 12:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd7aa36d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-26 09:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775100e8e49d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 06:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c975b96b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 23:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751769cc821

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:13

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513a16f09f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 20:39

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514bd3529b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 16:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d51f0ab

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 06:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 05:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c20d5379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e4e6461d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c839ea73

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e11f074f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751cc04f973

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 01:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160a9fe13

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751521935af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 12:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751924c9ab5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-24 10:53

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775185ab36d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 00:10

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-21 06:09

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b02bfe7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:01

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e24220b135

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e237ff3275

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e253367f3b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25394fc79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.rads26th.com
Port: 443
URL: https://www.rads26th.com

First seen 2025-02-01 10:18
Last seen 2025-12-30 10:00
Open for 331 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
  Found on 2025-12-30 10:00
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: platform-api.vitaos.eu
Port: 443
URL: https://platform-api.vitaos.eu

First seen 2025-12-12 15:41
Last seen 2025-12-26 11:13
Open for 13 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549cb147c2d5f91fece34c8847c0314cc63162e3155
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/platform/onboarding
GET /api/platform/onboarding/{appId}
GET /api/platform/profile
GET /api/platform/schedule/{appId}
POST /api/platform/onboarding/complete
POST /api/platform/onboarding/{appId}/complete
POST /api/waitlist
PUT /api/platform/onboarding/ai-consent
PUT /api/platform/onboarding/{appId}/step
```
  Found on 2025-12-26 11:13
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: boersekilchberg.ch
Port: 443
URL: https://boersekilchberg.ch

First seen 2022-10-05 11:50
Last seen 2025-12-25 05:48
Open for 1176 days

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7bd739e4310bfa9fd438b1a50176d90ea

Found 128 files trough .DS_Store spidering:

/.assets
/.assets/@webassemblyjs
/.assets/@xtuc
/.assets/abbrev
/.assets/accepts
/.assets/acorn
/.assets/ajv
/.assets/ajv-errors
/.assets/ajv-keywords
/.assets/ansi-colors
/.assets/ansi-html
/.assets/ansi-regex
/.assets/anymatch
/.assets/aproba
/.assets/are-we-there-yet
/.assets/arr-diff
/.assets/arr-flatten
/.assets/arr-union
/.assets/array-flatten
/.assets/array-union
/.assets/array-uniq
/.assets/array-unique
/.assets/asn1.js
/.assets/assert
/.assets/assign-symbols
/.assets/async
/.assets/async-each
/.assets/async-limiter
/.assets/atob
/.assets/balanced-match
/.assets/base
/.assets/base64-js
/.assets/batch
/.assets/big.js
/.assets/bin
/.assets/bluebird
/.assets/bn.js
/.assets/body-parser
/.assets/bonjour
/.assets/brace-expansion
/.assets/braces
/.assets/brorand
/.assets/browserify-aes
/.assets/browserify-cipher
/.assets/browserify-des
/.assets/browserify-rsa
/.assets/browserify-sign
/.assets/browserify-zlib
/.assets/buffer
/.assets/buffer-from
/.assets/buffer-indexof
/.assets/buffer-xor
/.assets/builtin-status-codes
/.assets/bytes
/.assets/cacache
/.assets/cache-base
/.assets/camelcase
/.assets/chokidar
/.assets/chownr
/.assets/chrome-trace-event
/.assets/cipher-base
/.assets/class-utils
/.assets/cliui
/.assets/code-point-at
/.assets/collection-visit
/.assets/commander
/.assets/commondir
/.assets/component-emitter
/.assets/components
/.assets/compressible
/.assets/compression
/.assets/concat-map
/.assets/concat-stream
/.assets/connect-history-api-fallback
/.assets/console-browserify
/.assets/console-control-strings
/.assets/constants-browserify
/.assets/content-disposition
/.assets/content-type
/.assets/cookie
/.assets/cookie-signature
/.assets/copy-concurrently
/.assets/copy-descriptor
/.assets/core-util-is
/.assets/create-ecdh
/.assets/create-hash
/.assets/create-hmac
/.assets/cross-spawn
/.assets/crypto-browserify
/.assets/cyclist
/.assets/date-now
/.assets/debug
/.assets/decamelize
/.assets/decode-uri-component
/.assets/deep-equal
/.assets/deep-extend
/.assets/default-gateway
/.assets/define-property
/.assets/del
/.assets/delegates
/.assets/depd
/.assets/des.js
/.assets/destroy
/.assets/detect-libc
/.assets/detect-node
/.assets/diffie-hellman
/.assets/dns-equal
/.assets/dns-packet
/.assets/dns-txt
/.assets/domain-browser
/.assets/duplexify
/.assets/ee-first
/.assets/elliptic
/.assets/emojis-list
/.assets/encodeurl
/.assets/end-of-stream
/.assets/enhanced-resolve
/.assets/errno
/.assets/escape-html
/.assets/eslint-scope
/.assets/esrecurse
/.assets/estraverse
/.assets/etag
/.assets/eventemitter3
/.assets/events
/.assets/eventsource
/.assets/evp_bytestokey
/.assets/execa

Found on 2025-12-25 05:48

Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc30322510973fdf00515bb16f009bcd5c
```
Found 4 files trough .DS_Store spidering:

/.assets
/assets
/documents
/packs
```
Found on 2025-09-24 03:05
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f175e2dbb5f0c996dfa4568b2fa4568b2
```
Found 3 files trough .DS_Store spidering:

/.assets
/assets
/documents
```
Found on 2024-12-03 04:46

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-mdd.erika-belicova.site
Port: 443
URL: https://api-mdd.erika-belicova.site

First seen 2025-10-24 21:27
Last seen 2025-12-23 02:36
Open for 59 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d6bbd62533d19fbb146d238df46eb3a2b5
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/posts
GET /api/posts/{id}
GET /api/topics
POST /api/auth/login
POST /api/auth/register
POST /api/posts/{id}/comments
POST /api/topics/{id}/subscriptions
```
  Found on 2025-12-23 02:36
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: test.loctoc.ch
Port: 80
URL: http://test.loctoc.ch

First seen 2025-04-26 06:17
Last seen 2025-12-23 01:19
Open for 240 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c1f1b52f11f1b52f1ee5187493b3acd76865a0b3b7f4db5ec

Found 96 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/rest
/img/trainer/rest/note
/img/trainer/rest/rest
/img/trainer/sheet_notes

Found on 2025-12-23 01:19

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf0211ca5db6a91065e356c9c3ecdb6f1dba

Found 24 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-11-30 05:43

Severity: medium
Fingerprint: 5f32cf5d6962f09c6e6dc6946e6dc694fedec6307f18637751efd19c66f98ad6

Found 84 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer

Found on 2025-10-26 06:31

Severity: medium
Fingerprint: 5f32cf5d6962f09cff76d438ff76d438c300a22c36e6e9e37a4754f0802a2372

Found 93 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/sheet_notes

Found on 2025-08-25 00:31

Severity: low
Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea97cc669111b6b1bced2c71e730092a020

Found 23 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-06-26 01:42

Severity: low
Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcf5e19d2073af3f6508a9264b528f9eb08

Found 25 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/public_files
/public_files/downloads

Found on 2025-05-26 02:24

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf0211ca5db66d591a7bade475360a2b438a

Found 24 files trough .DS_Store spidering:

/img
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/public_files
/public_files/downloads

Found on 2025-05-04 04:48

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.sssss.co.in
Port: 80
URL: http://www.sssss.co.in

First seen 2025-07-01 00:37
Last seen 2025-12-22 10:13
Open for 174 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9debeb6aa3ebeb6aa3ebeb6aa3ebeb6aa3
```
Found 1 files trough .DS_Store spidering:

/favicon_io
```
  Found on 2025-12-22 10:13
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: dev.squeeze.cz
Port: 80
URL: http://dev.squeeze.cz

First seen 2025-12-11 01:06
Last seen 2025-12-18 21:42
Open for 7 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d4459a17ac6d9ec5b7b5fbebb56dbec8b56dbec8
```
GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 6, OBJECT: 11, SCALAR: 4)
Operations:
- Query: Query | fields: gameDisplay
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)
```
  Found on 2025-12-18 21:42
  
  21.0 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.bailo.ch
Port: 80
URL: http://api.bailo.ch

First seen 2025-11-25 10:35
Last seen 2025-12-16 14:33
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b920fad49847c0d26847c0d26847c0d26847c0d26
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /property-management/properties
GET /property-management/properties/{propertyId}
```
  Found on 2025-12-16 14:33
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bb51b3818edcefcfeedcefcfeedcefcfeedcefcfe
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /property-management/properties/{propertyId}
POST /property-management/properties
```
  Found on 2025-11-25 10:35
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api-staging.maximomes.app
Port: 80
URL: http://api-staging.maximomes.app

First seen 2025-11-03 09:04
Last seen 2025-12-16 13:29
Open for 43 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-16 13:29

265.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-02 00:13

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 21:16

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-05 07:40

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 09:04

249.2 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.estate.erika-belicova.site
Port: 80
URL: http://api.estate.erika-belicova.site

First seen 2025-11-07 01:46
Last seen 2025-12-16 12:48
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d69b053bdfc4e9521049e135493191b7af
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/rentals
GET /api/rentals/{id}
GET /api/user/{id}
POST /api/auth/login
POST /api/auth/register
POST /api/messages
```
  Found on 2025-12-16 12:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.bailo.ch
Port: 443
URL: https://api.bailo.ch

First seen 2025-11-25 10:35
Last seen 2025-12-16 10:10
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b920fad49847c0d26847c0d26847c0d26847c0d26
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /property-management/properties
GET /property-management/properties/{propertyId}
```
  Found on 2025-12-16 10:10
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bb51b3818edcefcfeedcefcfeedcefcfeedcefcfe
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /property-management/properties/{propertyId}
POST /property-management/properties
```
  Found on 2025-11-25 10:35
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.zinr.io
Port: 443
URL: https://api.zinr.io

First seen 2025-11-23 20:15
Last seen 2025-12-14 06:31
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354972e62be0754ce411405cff302c6cae0e4a270400
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /room/create
GET /user/create
POST /room/get
POST /room/match
POST /room/name
POST /room/write
```
  Found on 2025-12-14 06:31
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354972e62be0754ce411405cff302c6cae0ee10e5432
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /room/create
GET /user/create
POST /room/get
POST /room/match
POST /room/write
```
  Found on 2025-12-01 12:02
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354972e62be0754ce411405cff307649a7687649a768
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /room/create
GET /user/create
POST /room/get
POST /room/write
```
  Found on 2025-11-29 03:01
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354972e62be07a98b5c1e864be407736c7d87736c7d8
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /room/create
GET /user/join
POST /room/get
POST /room/write
```
  Found on 2025-11-23 20:15
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.staging.portal.citygames.de
Port: 80
URL: http://api.staging.portal.citygames.de

First seen 2025-11-29 00:55
Last seen 2025-12-14 00:20
Open for 14 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d9181c39a346585bfbe2b3f59676f8159676f815
```
GraphQL introspection enabled at /graphql
Types: 12 (by kind: ENUM: 2, OBJECT: 7, SCALAR: 3)
Operations:
- Query: Query | fields: _empty
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-14 00:20
  
  17.0 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: testshop.braufabrik.de
Port: 443
URL: https://testshop.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: testshop.braufabrik.de
Port: 80
URL: http://testshop.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: kobier.braufabrik.de
Port: 80
URL: http://kobier.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: lebenslangesfreibier.braufabrik.de
Port: 80
URL: http://lebenslangesfreibier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: rpkraemerpanthershop.braufabrik.de
Port: 80
URL: http://rpkraemerpanthershop.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: gymnicherbier.braufabrik.de
Port: 443
URL: https://gymnicherbier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: kueblers.braufabrik.de
Port: 80
URL: http://kueblers.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: rpkraemercologne.braufabrik.de
Port: 443
URL: https://rpkraemercologne.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: bierik.braufabrik.de
Port: 443
URL: https://bierik.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: budterence.braufabrik.de
Port: 80
URL: http://budterence.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: bibelbier.braufabrik.de
Port: 80
URL: http://bibelbier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: ralphsgesoeff.braufabrik.de
Port: 80
URL: http://ralphsgesoeff.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: haerte10.braufabrik.de
Port: 80
URL: http://haerte10.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: agrobs.braufabrik.de
Port: 80
URL: http://agrobs.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: hc-lasergravur.braufabrik.de
Port: 443
URL: https://hc-lasergravur.braufabrik.de

First seen 2025-12-11 20:06
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-mdd.erika-belicova.site
Port: 80
URL: http://api-mdd.erika-belicova.site

First seen 2025-10-24 21:27
Last seen 2025-12-09 01:38
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d6bbd62533d19fbb146d238df46eb3a2b5
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/posts
GET /api/posts/{id}
GET /api/topics
POST /api/auth/login
POST /api/auth/register
POST /api/posts/{id}/comments
POST /api/topics/{id}/subscriptions
```
  Found on 2025-12-09 01:38
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: logistics-api.magicadd.com
Port: 443
URL: https://logistics-api.magicadd.com

First seen 2025-11-16 00:10
Last seen 2025-12-02 10:43
Open for 16 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff4338307baa14ed9b006cb9a36e325bdd170f0c8bb3

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /manage_customers/{id}/users/{user_pk}/
GET /accounts/
GET /accounts/{id}/
GET /alerts/
GET /alerts/{id}/
GET /customers/
GET /customers/{id}/
GET /in_transit_inventory
GET /inventory_locations/
GET /inventory_locations/{id}/
GET /inventory_statuses
GET /inventory_transaction_chains/
GET /inventory_transaction_chains/{id}/
GET /inventory_transactions/
GET /inventory_transactions/{id}/
GET /logistic_plans/
GET /logistic_plans/{id}/
GET /logistic_plans/{id}/excel/
GET /manage_customers/
GET /manage_customers/{id}/
GET /product_logistics_infos/
GET /product_logistics_infos/{id}/
GET /production_rates
GET /products/
GET /products/{id}/
GET /total_production
GET /total_production/products
GET /users/
GET /users/public/
GET /users/public/{id}/
GET /users/{id}/
POST /inventory_locations/{id}/request_more_labels/
POST /inventory_transactions/{id}/feedback/
POST /manage_customers/{id}/archive/
POST /manage_customers/{id}/users/
POST /token/

Found on 2025-12-02 10:43

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: manage.livealert.co.za
Port: 443
URL: https://manage.livealert.co.za

First seen 2025-10-30 08:55
Last seen 2025-12-01 11:51
Open for 32 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e975a091b72746f63ea0d5503bcb47938b
```
Found 5 files trough .DS_Store spidering:

/assets
/assets/icons
/assets/images
/assets/images/onboarding
/assets/images/polygons
```
  Found on 2025-12-01 11:51
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2025-10-30 08:55
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.jasminsjournal.com
Port: 443
URL: https://www.jasminsjournal.com

First seen 2025-08-20 03:16
Last seen 2025-12-01 07:19
Open for 103 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de2bf1c30a2bf1c30a2bf1c30a
```
Found 2 files trough .DS_Store spidering:

/assets
/assets/Higuen-Serif-20fa51bf8413cc0cdbde76ffbe14e138da04f8b12433e7bd7be9d1f452e82e96 2.otf
```
  Found on 2025-12-01 07:19
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: www.polizeiticker.ch
Port: 80
URL: http://www.polizeiticker.ch

First seen 2025-11-08 00:53
Last seen 2025-12-01 04:56
Open for 23 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 04:56
  
  49.4 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: www.stant-ad.com
Port: 80
URL: http://www.stant-ad.com

First seen 2025-11-27 17:03
Last seen 2025-11-27 17:03
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2025-11-27 17:03
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: auth-api.clearexpress.fr
Port: 443
URL: https://auth-api.clearexpress.fr

First seen 2025-11-23 03:41
Last seen 2025-11-25 19:27
Open for 2 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec9da4adef8bac5c2831ffcb32cb6ee15dcb6ee15d
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /dev-api/test/user/list
GET /dev-api/test/user/{userId}
POST /dev-api/test/user/save
PUT /dev-api/test/user/update
```
  Found on 2025-11-25 19:27
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: poiskistini.org
Port: 443
URL: https://poiskistini.org

First seen 2025-11-21 02:48
Last seen 2025-11-22 12:56
Open for 1 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36ed284e71cfaedd5adf5112d3a6acfe5ac37d8e3
```
GraphQL introspection enabled at /graphql
Types: 84 (by kind: ENUM: 2, INPUT_OBJECT: 34, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: dummy, getSlide, prophetVideo, prophetVideos, slides
- Mutation: Mutation | fields: addProphetVideo, createSlide, deleteSlide, dummy, signS3
- Subscription: Subscription | fields: dummy
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-22 12:56
  
  84.1 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-21 02:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: catalogue.newnoiseaudio.com
Port: 80
URL: http://catalogue.newnoiseaudio.com

First seen 2025-11-16 00:24
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-16 00:24
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: aflw.tobyduffy.com
Port: 80
URL: http://aflw.tobyduffy.com

First seen 2025-10-18 00:16
Last seen 2025-11-12 21:06
Open for 25 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff434af40e724af40e724af40e724af40e724af40e72
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
POST /login/jwt/
```
  Found on 2025-11-12 21:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: aflw.tobyduffy.com
Port: 443
URL: https://aflw.tobyduffy.com

First seen 2025-10-18 00:16
Last seen 2025-11-12 10:19
Open for 25 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff434af40e724af40e724af40e724af40e724af40e72
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
POST /login/jwt/
```
  Found on 2025-11-12 10:19
Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 15.197.129.158
Domain: playground.herb-tools.dev
Port: 443
URL: https://playground.herb-tools.dev

First seen 2025-05-11 01:14
Last seen 2025-11-09 00:10
Open for 181 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32bdccca4d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=17966
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762646975990-0.9493229795780282:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-09 00:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f144067e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=55832
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762477448128-0.3414143137924832:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-07 01:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f322c11f9b4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=12412
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762263244572-0.08282189108533222:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-04 13:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320a11b2b8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=28157
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762101684766-0.7278817422712427:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-02 16:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e0b7cf1f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52945
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761984124601-0.4418163024777919:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-01 08:01

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f323c761aa4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=25300
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761129211941-0.44496346010172294:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-22 10:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f322e9ca9cc

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=48847
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760957311017-0.1504209091057911:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-20 11:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324984acca

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=13717
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760783594526-0.8929851590290785:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-18 11:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f325ea592ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32614
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760605795622-0.7972135487373508:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-16 09:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3217b11bc6

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=55886
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760255630274-0.765197376722722:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-12 07:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f327943a829

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=35294
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760077300993-0.6237080098913683:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-10 06:21

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3269986d22

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=8340
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759907128294-0.1746605708459028:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-08 07:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3289dc9627

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=41112
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759733049065-0.11203661386252617:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-06 06:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32aa0384b5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=31770
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759391943743-0.2091324920096389:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-02 07:58

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3285822eed

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=33565
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758409746306-0.07753118028338024:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-20 23:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32666524c5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=15069
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758224300714-0.8241412677953228:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-18 19:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32b7f0ed9c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42602
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758052787396-0.6458863332265752:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-16 19:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32641a7679

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52254
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757737810306-0.13843357872619833:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-13 04:30

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f4048c97

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10541
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757531965536-0.6396828785082138:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-10 21:55

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3298542bdb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47250
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757380073188-0.675452065947028:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-09 01:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d4f1070f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42489
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757209991547-0.9981917212174178:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-07 01:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f9dc0e21

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=16992
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757060809634-0.42495642231935826:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-05 08:52

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f326bb49684

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=43645
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756901080218-0.32635773380056454:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-03 12:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3209c5984a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=19584
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756754287615-0.07483222407228052:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-01 19:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32616e9c70

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52993
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756386522402-0.30905570739298827:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-28 13:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f328557b75f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=6584
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751758914937-0.7885943937150135:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-06 10:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32beefe917

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47065
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751583821151-0.7108472876575533:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-04 07:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d16c7996

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=48527
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751496018396-0.5279805001771292:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-03 03:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3253e14cec

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32666
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751320505719-0.28156873913336766:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-01 02:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f329fda0b01

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=57336
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750880779299-0.5028223843687956:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-26 12:49

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d5b9d254

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=22804
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750703017961-0.016424100377768536:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-24 06:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3203a7e622

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=58629
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750527671613-0.556973213591103:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-22 06:49

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3292b2ae0a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=26884
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750351930724-0.9846237639757578:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-20 06:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32a72ba4ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32912
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750049529225-0.14310143415260024:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-16 10:47

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32acc9be67

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=44461
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749697278375-0.8682073729675419:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-13 01:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320f1d3c38

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=30370
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749520089745-0.20015026062714458:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-10 23:02

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32ececf236

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=27251
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749344685556-0.26341538004616893:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-08 14:22

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324a75a10d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=8585
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748993972296-0.8284922067309226:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-04 13:40

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32b4f0a410

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=45300
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748817431030-0.8859293944818369:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-02 19:48

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32309be019

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4095
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748729386609-0.1666518693038448:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-01 12:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324949c47a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4685
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748552944615-0.9399623803540622:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-30 12:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3215fd2c3e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42858
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748378393008-0.5172547923060653:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-28 18:50

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3231e6279c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=38302
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748289107865-0.42781601896659494:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-26 20:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32fc42ed16

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=38663
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748026788011-0.956471402828583:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-24 14:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d6a7b2d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10070
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747850897904-0.6479687899093982:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-22 13:37

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320283cd23

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=14630
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747674550231-0.3341354391322575:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-20 15:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f323ff1db54

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=9288
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747587192770-0.39392526778036085:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-18 18:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f18f6821

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=34707
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747322270160-0.6522856430421207:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-16 14:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e66b019d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=54477
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747060071423-0.8300618024340567:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-13 01:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32290abc25

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=5020
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1746883323811-0.9689532224850292:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-11 01:14

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 76.223.11.49
Domain: streamerxsolla.megamod.io
Port: 443
URL: https://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-11-06 11:57
Open for 234 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522529e553a

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/AdminPanel
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1FQVFdwZ1dTd0JOc2k3TWNWdG5uRTAwakVaMUZSTjFQV3FYNQ==
[branch "xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/xsolla/v17alya/releases

Found on 2025-11-06 11:57

465 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220c7c4fde

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/AdminPanel
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3BLeklTaWFQOHdqSGJvaWJzaFB6RUxZYXNvTzlacDQ2WmttVQ==
[branch "xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/xsolla/v17alya/releases

Found on 2025-06-22 11:19

465 Bytes

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 76.223.11.49
Domain: games-xsolla.megamod.io
Port: 80
URL: http://games-xsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-11-04 21:54
Open for 232 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b8c38636

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1JqZ3J6Mm1HTVlsSnFzSExqUUo3NjRhSTkzdGxOZjFBbkFuTQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-11-04 21:54

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227c81c38c

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzFNRThlVjdkOXZ3ZnJCc3VnSzR1dW95eVM4cjI4dDI1bXUwbA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-20 07:48

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652291dc8b21

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3ZCalpVZjlvaWNVVGd0ZGdkcjV4QmJzZE9JZWJJODBsRXNrVQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-15 11:17

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227e1ac3ed

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzNKUXlTcmVJY3JLWWhIMUFueER1MjE5d0JacG1zSDF6andPZw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-06 10:05

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b908d5a2

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzdaWXZ6YVU1cTBRNE52U1FwY3pKU2pMbzFnN1p5bTRYY3Qybg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-10-02 07:53

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522f5945a63

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3A2R3NrZDU0UkNTSzlyTlZFbzh6bFpvcW1acXRsZjNhZUh2Yg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-30 08:22

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522e6867902

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2ZVVVNHVnpnbTZXTGZSb1p2dkRYSGpYdldOdGlmdTBVeDd5dw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-23 05:55

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522c4bece47

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2t5Q0RpbmRCUk9YbGJyTGJzUDdma09kSXJGd0lWQzN4VkpxMQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-17 06:46

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65220ca3bffb

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3FoRkpFdkdCUzlQQnZRZk1ySENnZFpBT0U3OHM3aDFsVVNiUw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-08 19:08

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65226c06eff6

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2g0cUNBbjdXQ1Y2OFJxYko1WE45d1dLeUtjalR5NjRNVzVMag==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-06 13:45

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223862bf1d

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzE2MXgySjJ2eW1zaE80T1NsUTI5NTk0bmZEa2V6cjFJQk8wYw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-09-02 19:52

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65228bf27868

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzNrQzgzV2N0c3FGT21LTTFUUjNrcTh2NERhOUFsRjFqTjRBYw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-20 16:28

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b832573d

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0o3NmZMNkVkWFNZZFE4WWtZdEc4UFExc3FrbXN1QjBEWTFGcw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-16 12:29

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652290a15c36

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0dzYm5TV3dudTBCUlpsM2tCQnphYlY1cXFNN1pjRjJwNjhWQg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-14 15:42

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522ea71b178

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2hEZDVNMWdkN3lkMng5NFZOb0IwQWdBS2toTUk5YTAySUo1SA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-08-11 01:56

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522726ef7e1

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX04yYVZJTnpSaGZSRGNQeGZUcDBnNnJqUG1rdEVXQzFhVll0bA==
[branch "streamer_tower/xsolla/v17alya/Main_ORIGIN_COPY2"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/Main_ORIGIN_COPY2

Found on 2025-08-06 11:57

515 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65228972a9aa

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1d2eWN2U2NxWUVucG5uekpxQnFmQVNXZXN5VmJFNTEyY3U1SA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-07-28 20:36

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65226f363c07

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX29sY1Nva3ZsbWhYOHpVTDRjSkc4NmVOZU1qdjNLTDJRWGRMWg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-07-06 13:20

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223dcac506

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX29OTWYyaTBPYmFZRlJ3amw0WmxvNFgyZjdtNHJaTDFQUmdNcg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-07-02 16:32

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65223075e754

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0VCTWdVWUphZ2FRaHVZUzRPbmVXeVNVWjVVWWJaNDRmYk8wQg==
[branch "streamer_tower/xsolla/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/releases

Found on 2025-06-22 02:08

481 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522fd4d5aa9

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzlnNEtWRW5HYkVJcEhsR3o1SVU4VTNCZTVZdWM4YTJuZHAzZw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-06-16 17:16

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652224379391

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0xVb0VNRFdlV2pJbDE2ZlVReFNVU1BoMmNOWmZhQjFZOHdDZA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-06-01 19:09

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652220cf48f6

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzXzFYSHo2VzBHaXd3OWs5NXBvVHlMTnI5ZUFtRWVIMzA2MG5pQw==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-29 00:45

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652201b63139

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2tmc0o5Qm1oZHlWdzZCejZESlVGS2ZlMHBFeURVQTNrZ2tHQg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-26 20:08

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65221dc238de

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3R0aWtQMXhKbGtGblVNWGdpajhqWEJYYWpuT3B1SDI2dW00TA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-20 19:57

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227bb09693

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2x3a2NlQjVxU0F1OXA1SkNWM3VrN0lLcGM4eXhmUDNVSjdjRA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-16 02:55

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522c075a904

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3JxUlpPWDVUQkN2TlA5Z0xOZjE1SDNoQTVlU3dUbDBsYjhNbg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-12 23:25

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227b0ade5b

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2FCNDFIZFVVTGpNTE0zOEtSdE5vaW82SHl0dThUdTBaYm4zRA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-05-06 02:44

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522f8644168

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3VtM0gyOVZ2bVoySU5LRERld2ZuUlI2NFd0M21tNzQzeTFJMg==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-04-22 09:39

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522edb0c090

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0YyeVI3dWhYckliR1ZORWZ0b2lERG95bG9sbGdIZzQ2NlFkQQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-04-14 06:46

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652284937ba2

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX0ZUQnFjMmt3ZVh2QmJURkdNUURrSDJtTERaNlp6cjJ0Qll2YQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-22 20:35

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222eed8270

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX3lyUm5PSjZqR28zZ0tib1hsVDZ4Q0c4bTRwdU1URDFDaHNWeA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-20 23:23

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222a47e586

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX2Rva2FBM2ZGT1RWdGltbDRlN0NSb1JqRk1RSFU2YzJ6dEtZTA==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-19 03:16

497 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522a45b8077

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/betterspace-company/Games-Fusion
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hzX1ZPc2xVcTV5ZncycEVYRUl4VllHVTBXbFg1RVdEVTEzaWJmeQ==
[branch "streamer_tower/xsolla/v17alya/releases"]
	remote = origin
	merge = refs/heads/streamer_tower/xsolla/v17alya/releases

Found on 2025-03-17 02:57

497 Bytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: test.sportio.sk
Port: 80
URL: http://test.sportio.sk

First seen 2025-10-26 12:42
Last seen 2025-10-26 12:42
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2025-10-26 12:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.mdd.erika-belicova.site
Port: 443
URL: https://api.mdd.erika-belicova.site

First seen 2025-10-24 20:53
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e5dee9f6d6bbd62533d19fbb146d238df46eb3a2b5
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /api/auth/me
GET /api/posts
GET /api/posts/{id}
GET /api/topics
POST /api/auth/login
POST /api/auth/register
POST /api/posts/{id}/comments
POST /api/topics/{id}/subscriptions
```
  Found on 2025-10-24 20:53
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.ftmfxpro.com
Port: 443
URL: https://api.ftmfxpro.com

First seen 2025-10-15 06:25
Last seen 2025-10-19 09:52
Open for 4 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5727e04f7562e519d1237e0a3efdcf44985722e07

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /v1/contracts/{hash}
DELETE /v1/orders/{hash}
DELETE /v1/robots/{hash}
GET /v1/actives
GET /v1/actives/{ativoId}
GET /v1/asset-history
GET /v1/cities
GET /v1/cities/{cidadeId}
GET /v1/contracts
GET /v1/contracts/{contratoId}
GET /v1/grupos
GET /v1/grupos/{grupoId}
GET /v1/grupos/{grupoId}/permissoes
GET /v1/investments
GET /v1/markets
GET /v1/markets/sse
GET /v1/markets/{symbols}
GET /v1/news
GET /v1/operations
GET /v1/orders
GET /v1/orders/total-operations
GET /v1/orders/{hash}/hash
GET /v1/orders/{ordemId}
GET /v1/permissoes
GET /v1/professions
GET /v1/quotas
GET /v1/quotas/{parcelaId}
GET /v1/releases
GET /v1/releases/total-releases
GET /v1/releases/{hash}/hash
GET /v1/robots
GET /v1/robots/total-operations
GET /v1/robots/{hash}/hash
GET /v1/robots/{hash}/hash-model
GET /v1/states
GET /v1/states/{estadoId}
GET /v1/tokens
GET /v1/users
GET /v1/users/brokers
GET /v1/users/full
GET /v1/users/{hash}/annotation
GET /v1/users/{hash}/balance
GET /v1/users/{hash}/balances
GET /v1/users/{hash}/hash
GET /v1/users/{hash}/password-decrypted
GET /v1/users/{usuarioId}
GET /v1/users/{usuarioId}/photo
GET /v1/users/{usuarioId}/photo/{tipoFoto}
GET /v1/usuarios/{usuarioId}/grupos
POST /v1/releases/{accessKey}
POST /v1/users/home-created
POST /v1/users/{accessKey}
PUT /v1/actives/{id}
PUT /v1/contracts/{hash}/sign
PUT /v1/contracts/{id}
PUT /v1/grupos/{grupoId}/permissoes/{permissaoId}
PUT /v1/orders/{hash}/close
PUT /v1/orders/{hash}/crash-operation
PUT /v1/quotas/{parcelaId}/paid
PUT /v1/releases/{lancamentoHash}
PUT /v1/releases/{lancamentoHash}/authorized
PUT /v1/releases/{lancamentoHash}/canceled
PUT /v1/releases/{lancamentoHash}/confirmed
PUT /v1/robots/{hash}/allow-transfer
PUT /v1/robots/{hash}/transfer-balance
PUT /v1/users/reset-password/{email}
PUT /v1/users/{hash}/logged-in
PUT /v1/users/{usuarioId}/allow-transfer
PUT /v1/users/{usuarioId}/close-order-allowed
PUT /v1/users/{usuarioId}/demo-balance
PUT /v1/users/{usuarioId}/open-order-allowed
PUT /v1/users/{usuarioId}/score
PUT /v1/users/{usuarioId}/senha
PUT /v1/usuarios/{usuarioId}/grupos/{grupoId}

Found on 2025-10-19 09:52

Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
Found on 2025-10-17 09:09

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api-dev.daowakanda.org
Port: 80
URL: http://api-dev.daowakanda.org

First seen 2025-10-17 00:51
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-10-17 00:51
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.cyrillsemah.website
Port: 443
URL: https://www.cyrillsemah.website

First seen 2025-09-21 12:56
Last seen 2025-10-05 00:43
Open for 13 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733feea7025f45d97ebb5edd355618bb2ad3
```
Found 10 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/assets
/icon.png
/icon.svg
/robots.txt
/uploads
```
  Found on 2025-10-05 00:43
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f87722648431ce07f696691d6ebf9b8865ddd
```
Found 11 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/assets
/cv_cyrill_semah_2025.pdf
/icon.png
/icon.svg
/robots.txt
/uploads
```
  Found on 2025-10-02 23:44
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: cyrillsemah.website
Port: 443
URL: https://cyrillsemah.website

First seen 2025-09-21 13:15
Last seen 2025-10-04 21:58
Open for 13 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f87722648431ce07f696691d6ebf9b8865ddd
```
Found 11 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/assets
/cv_cyrill_semah_2025.pdf
/icon.png
/icon.svg
/robots.txt
/uploads
```
  Found on 2025-10-04 21:58
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: cyrillsemah.website
Port: 80
URL: http://cyrillsemah.website

First seen 2025-09-21 13:15
Last seen 2025-10-04 16:57
Open for 13 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f87722648431ce07f696691d6ebf9b8865ddd
```
Found 11 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/assets
/cv_cyrill_semah_2025.pdf
/icon.png
/icon.svg
/robots.txt
/uploads
```
  Found on 2025-10-04 16:57
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: staging.touterrain.com
Port: 80
URL: http://staging.touterrain.com

First seen 2025-07-19 13:14
Last seen 2025-08-17 03:24
Open for 28 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d49d7343549d7343549d7343549d73435
```
Found 1 files trough .DS_Store spidering:

/android
```
  Found on 2025-08-17 03:24
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: b2design.pt
Port: 443
URL: https://b2design.pt

First seen 2025-01-05 19:30
Last seen 2025-08-08 06:39
Open for 214 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642d00b80a50469be720469be720469be72
```
Found 2 files trough .DS_Store spidering:

/packs
/uploads
```
  Found on 2025-08-08 06:39
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: vieevents.com
Port: 443
URL: https://vieevents.com

First seen 2025-01-01 19:45
Last seen 2025-07-03 09:43
Open for 182 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c2f72f5fb2f72f5fbe1a0fa9712cb699b2195464cc8e66ca1

Found 65 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/files
/fonts
/images
/images/blog-1.jpg
/images/blog-2.jpg
/images/bride.jpg
/images/couple-1.jpg
/images/couple-2.jpg
/images/couple-3.jpg
/images/cover_bg_1.jpg
/images/cover_bg_3.jpg
/images/gallery-1.jpg
/images/gallery-2.jpg
/images/gallery-3.jpg
/images/gallery-4.jpg
/images/gallery-5.jpg
/images/gallery-6.jpg
/images/gallery-7.jpg
/images/gallery-8.jpg
/images/gallery-9.jpg
/images/groom.jpg
/images/img_bg_1.jpg
/images/img_bg_2.jpg
/images/img_bg_3.jpg
/images/img_bg_4.jpg
/images/img_bg_5.jpg
/images/jordan2.png
/images/loader.gif
/images/loc.png
/images/marriot.jpg
/images/oranges-up.png
/images/ort.png
/images/portfolio-1.jpg
/images/portfolio-2.jpg
/images/portfolio-3.jpg
/images/portfolio-4.jpg
/images/portfolio-5.jpg
/images/portfolio-6.jpg
/images/portfolio-7.jpg
/images/portfolio-8.jpg
/images/sage.jpg
/images/user-3.jpg
/images/vieevents.png
/images/vieevents2.jpg
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-07-03 09:43

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf02ae0625d00646fe264596b83fc65bb831

Found 24 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/files
/fonts
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-02-08 10:33

Severity: low
Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea98b7246811e07f3d9ca24076e17100a76

Found 23 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/fonts
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-01-06 17:31

Severity: low
Fingerprint: 5f32cf5d6962f09c7c3d3e457c3d3e4550baf06ddb2a17add87b7b3aa6a24ef1

Found 30 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/about.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/contact.html
/css
/fares-nadeen
/favicon.ico
/fonts
/gallery.html
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass
/services.html

Found on 2025-01-04 16:20

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: streamerxsolla.megamod.io
Port: 80
URL: http://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-06-22 15:03
Open for 97 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a89f920624

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts/BetterSpace
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers

Found on 2025-06-22 15:03

Severity: medium
Fingerprint: 5f32cf5d6962f09c2d9d96002d9d96000b44dfed0950dced55c512c37c4a0723

Found 109 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-20 16:33

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8314e45cd

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages

Found on 2025-06-16 19:54

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a83d90574f

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj

Found on 2025-06-14 08:15

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8c26aabd9

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj

Found on 2025-06-10 10:22

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a85a3a1651

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile

Found on 2025-06-05 10:41

Severity: medium
Fingerprint: 5f32cf5d6962f09c9be405db9be405dbb26421fc39c2607a044bd3bcaacc1aa1

Found 111 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-05-29 01:09

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8ccc38785

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta

Found on 2025-05-19 03:31

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a84bb890d6

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI

Found on 2025-05-16 07:43

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a82f0d4222

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta

Found on 2025-05-13 01:42

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b45963a4298ea6890982d8a2e798ce9038

Found 40 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-28 15:53

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92e5d40b37cf0cb9a39c1f251938b9b302

Found 60 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-26 13:44

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a81e2abcc3

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates

Found on 2025-04-13 08:38

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8beefef87

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween

Found on 2025-03-19 03:16

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c22849679815956769a5a7f96c1b552aadf3

Found 101 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-18 22:25

Severity: medium
Fingerprint: 5f32cf5d6962f09c1e3ea8c61e3ea8c6c45b51c3300c3a5fd8ea82ad3c9eb8f5

Found 86 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09c62fb79d662fb79d63efa9d5349fc816fd551b8bdcf203100

Found 95 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09cdc8bf8eddc8bf8ed846db9e63e212be0171ec38af1abdf56

Found 89 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: streamerxsolla.megamod.io
Port: 443
URL: https://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-06-22 11:19
Open for 97 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a89f920624

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts/BetterSpace
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers

Found on 2025-06-22 11:19

Severity: medium
Fingerprint: 5f32cf5d6962f09c9be405db9be405dbb26421fc39c2607a044bd3bcaacc1aa1

Found 111 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-20 01:33

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8c006869c

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro

Found on 2025-06-16 14:55

Severity: medium
Fingerprint: 5f32cf5d6962f09c2d9d96002d9d96000b44dfed0950dced55c512c37c4a0723

Found 109 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-14 06:00

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c22849679815956769a5a7f96c1b552aadf3

Found 101 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-02 14:32

Severity: medium
Fingerprint: 5f32cf5d6962f09cdc8bf8eddc8bf8ed846db9e63e212be0171ec38af1abdf56

Found 89 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-05-24 04:06

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8314e45cd

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages

Found on 2025-04-27 19:56

Severity: medium
Fingerprint: 5f32cf5d6962f09cb7af8d83b7af8d830f9cda04c3f5d7327528f3f4658b91eb

Found 87 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-12 14:04

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92e5d40b37cf0cb9a39c1f251938b9b302

Found 60 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-12 14:04

Severity: medium
Fingerprint: 5f32cf5d6962f09c1e3ea8c61e3ea8c6c45b51c3300c3a5fd8ea82ad3c9eb8f5

Found 86 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-22 12:10

Severity: medium
Fingerprint: 5f32cf5d6962f09ca29b58f1a29b58f19f122802ec4039fcc05fa04ee7c995f6

Found 78 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.talflow.ai
Port: 443
URL: https://www.talflow.ai

First seen 2025-05-23 04:35
Last seen 2025-06-16 10:56
Open for 24 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa54478dfd65431d7ac77f4d585298e0e40270

Found 18 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt
/videos
/videos/cover_letter_generator_web.mp4
/videos/cv_analysis_talflow.mp4
/videos/interview_questions_talflow.mp4
/videos/profile_preferences_talflow.mp4
/videos/student_events.mp4
/videos/talentpool_talflow.mp4
/videos/talflow-whatsapp.mp4
/videos/talflow_filters.mp4
/videos/talflowpersonaljobtracker.mp4

Found on 2025-06-16 10:56

Severity: low
Fingerprint: 5f32cf5d6962f09c47dfe71947dfe719511acc516ca19a49c4e4557ef14fa430

Found 16 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt
/videos
/videos/cover_letter_generator_web.mp4
/videos/cv_analysis_talflow.mp4
/videos/interview_questions_talflow.mp4
/videos/profile_preferences_talflow.mp4
/videos/student_events.mp4
/videos/talentpool_talflow.mp4
/videos/talflow_filters.mp4

Found on 2025-06-04 13:51

Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbecc9a916cd8c9f71a4dbed4ab842cf8a3

Found 15 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt
/videos
/videos/cover_letter_generator_web.mp4
/videos/cv_analysis_talflow.mp4
/videos/profile_preferences_talflow.mp4
/videos/student_events.mp4
/videos/talentpool_talflow.mp4
/videos/talflow_filters.mp4

Found on 2025-06-01 13:10

Severity: low
Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe56ccd0a90f673eecde

Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt
/videos
/videos/cv_analysis_talflow.mp4
/videos/talflow_profile_preferences.mp4

Found on 2025-05-28 19:16

Severity: low
Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d820452ce2850033c472714291bbf47a53

Found 8 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt

Found on 2025-05-26 14:39

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: eatold.emenunow.com
Port: 443
URL: https://eatold.emenunow.com

First seen 2025-05-12 23:47
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe56ccd0a90f16b30a2f
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/assets
/background
/bell.mp3
/favicon.ico
/fonts
/robots.txt
```
  Found on 2025-05-12 23:47
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: website-stage.primerentcar.com
Port: 80
URL: http://website-stage.primerentcar.com

First seen 2025-03-21 11:38
Last seen 2025-05-12 08:33
Open for 51 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f567349e42a0421a755ba6b4455ba6b44
```
Found 3 files trough .DS_Store spidering:

/fonts
/icons
/preloadcomp
```
  Found on 2025-05-12 08:33
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: www.cinequest.me
Port: 443
URL: https://www.cinequest.me

First seen 2024-12-23 00:09
Last seen 2025-03-18 08:07
Open for 85 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176424f6f1120605e6aa7605e6aa7605e6aa7
```
Found 2 files trough .DS_Store spidering:

/mailers
/uploads
```
  Found on 2025-03-18 08:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: staging.vieevents.com
Port: 443
URL: https://staging.vieevents.com

First seen 2024-11-03 19:50
Last seen 2024-11-05 03:35
Open for 1 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a089d5148465195bedeef77f715d0509b
```
Found 19 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/fares-nadeen
/fares-nadeen/about.html
/fares-nadeen/contact.html
/fares-nadeen/css
/fares-nadeen/fonts
/fares-nadeen/gallery.html
/fares-nadeen/images
/fares-nadeen/index.html
/fares-nadeen/js
/fares-nadeen/ReadMe.md
/fares-nadeen/sass
/fares-nadeen/services.html
/favicon.ico
/robots.txt
```
  Found on 2024-11-05 03:35
Create report

Open service 76.223.11.49:443 · app.whatcampaign.com

2026-01-12 08:32

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1035
Content-Type: text/html
Date: Mon, 12 Jan 2026 08:32:44 GMT
Etag: "6964a676-40b"
Last-Modified: Mon, 12 Jan 2026 07:44:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=m4heTxJWKvFodCUAm54T1ohU5ryIPzmjmy3sY9aGWI0%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768206764"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=m4heTxJWKvFodCUAm54T1ohU5ryIPzmjmy3sY9aGWI0%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1768206764"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Page title: WhatCampaign

<!doctype html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>WhatCampaign</title>
    <script>
      // Prevent flash by setting theme BEFORE page renders
      (function() {
        try {
          const stored = localStorage.getItem('whatcampaign-theme');
          const isDark = stored === 'speedrun-dark';
          document.documentElement.style.backgroundColor = isDark ? '#0f0f0f' : '#FFFFFF';
        } catch (e) {
          // localStorage not available, use light theme
          document.documentElement.style.backgroundColor = '#FFFFFF';
        }
      })();
    </script>
    <style>
      /* Match theme background colors */
      html, body {
        margin: 0;
        padding: 0;
      }
    </style>
    <script type="module" crossorigin src="/assets/index-V8hG7CHb.js"></script>
    <link rel="stylesheet" crossorigin href="/assets/index-U9Fm3Wha.css">
  </head>
  <body>
    <div id="root"></div>
  </body>
</html>

Found about a minute ago by HttpPlugin

Host 76.223.11.49

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Symfony developement panel enabled

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available